More on Cryptolocker

This virus is taking the country by storm–and not in a good way. Here’s a long story on dealing with it:

http://krebsonsecurity.com/2013/11/cryptolocker-crew-ratchets-up-the-ransom/

Particularly note the existence of CryptoPrevent. This is not an actual endorsement (I’m not technically savvy enough to certify it) but some folks whose blogs I respect recommend it.

Better yet, don’t open attachments unless you’re absolutely certain what they are.

 

 

 

A New, bad reason to be careful with attachments

There’s a new, really evil virus floating around, and a couple of machines at Wayne State have caught it. It’s a new(ish) kind of attack called ‘ransomware’ (according to my buddies at the American Dialect Society it’s also occasionally spelled ‘ransomeware’). If you get it, it encrypts your files. Your data files. Then it prompts you for a credit card, and you have to pay to get your files back. If you don’t, after a set amount of time the encryption key is destroyed and you are entirely out of luck. The files are unrecoverable (unless you have the resources of the NSA 🙂 )

As I mentioned, several WSU machines were recently (last two days) infected with this piece of nastiness.

So, what can you do to protect yourself?

Don’t open attachments from people you are not expecting to get attachments from. This includes ‘people’ like UPS, FEDEX or Kinko’s, unless you know there is actually something that ought to be coming.

Make sure you have our free Symantec Antivirus suite on all your computers (get it at http://computing.wayne.edu/clearinghouse/index.php) and make sure it’s up to date.

Back up your files to a separate drive, and if you’re infected all you will lose is what’s not yet backed up.

If you do get this message:

 

Cryptovirus

 

Immediately disconnect your computer from the network cable (if you’re wired) or turn off WiFi (if you’re wireless) and contact the C&IT Help Desk at (313) 577-4778. Do not attempt to move files or circumvent the problem.

For more information see http://computing.wayne.edu/news-item.php?id=12814

and http://www.snopes.com/computer/virus/cryptolocker.asp