IT Blogs & News - Written by IT Professionals - iuvo Technologies

New Malware could destroy ALL your data!

Written by jmccain | Dec 5, 2013 2:58:30 PM

Your data (and all the data on your network) is just one click away from being locked up by scammers. If you don’t pay them, they will throw away the key.

Building on the MoneyPack malware that has spread in the last couple of years, scammers upped their game with the CryptoLocker malware: it silently encrypts the files on your Windows computer, making them inaccessible. Once the files are encrypted, it pops up a screen telling you the bad news and requesting a ransom for the key. Depending on the variant, it may also encrypt files on your network drives (think, your company’s file server) or folders that sync to the cloud (like DropBox).

If you pay the hundreds of dollars in ransom, they say they’ll decrypt your files, but you have to take the word of a scammer on that. Your best chance of recovering your files is to restore them from a backup. You have backups, right?

The best way to avoid losing data to this new threat sounds like a Best Practices manual for computer usage. Following these suggestions will protect you from CryptoLocker as well as a variety of other nasties. Plus it could help you recover from hardware failures too:

  • Don’t open links or attachments sent in email unless you expect them. Many of these infections come from spam that looks like customer service requests from shipping companies like UPS and Fedex.
  • Make sure Windows and your Antivirus software is up to date.
  • Run a malware scanner like MalwareBytes (our recommended software)
    • As a company, consider deploying a managed solution like MalwareBytes Enterprise Edition which can easily be ‘pushed’ out to your PCs.
  • Backup any files that you cannot recreate easily
    • In this case, multiple backups are a good idea since some variants of this malware actually try to delete Windows Backups and could encrypt any files that are locally accessible. Cloud-based backups like CrashPlan are a good addition to local backups.
  • Disconnect your computer from your network (unplug Ethernet, turn off WiFi) as soon as you believe you are infected.
  • Change all of your online account passwords after a trained professional has ensured the machine is clean.

Following the tips above will help you avoid this new strain of malware and recover from it if you (or someone on your network) get infected by it.
View full post