Two weeks ago, the National Communications Administration managed to weaken a set of malware designed to steal banking and personal credentials from unsuspecting users. They warned the world that GameOver Zeus and Cryptolocker ransomware would be back with a vengeance, and that immediate action could prevent a whole lot of pain later.
About the Threats
Cryptolocker was discovered nearly three years ago in 2011, and infected as many as 250,000 systems within the first 100 days it was active. The GameOver Zeus botnet threat augments this malware, and uses peer-to-peer software to scan your computer for banking credentials or valuable information. If it fails to find anything, it encrypts your hard disk drive, preventing you from accessing your own PC. It then installs Cryptolocker, which will basically hold your computer hostage until you pay a decryption fee. Cryptolocker utilizes Microsoft’s CryptoAPI cryptography software, a third-party certified program and very difficult to work around. You are then given a set amount of time to pay the fine before your computer is completely encrypted.
What Can You Do?
Iron Edge is here for you in this trying time. Here are a few tips to protect yourself and your business from Cryptolocker.
- Pay attention. This malware spreads when the user visits a malicious website or opens an infected email. These emails will typically try to get the user to enter in sensitive information. The best way to fight these emails is to never open an email that you don’t recognize, and to look for a lack of personalization or insecure URLs.
- Back up your files. You should always have your data backed up in at least two locations. For businesses, this means storing your important files on a centralized server (NOT the workstation) and utilizing a solution like our BackupIRON solution that will keep your data backed up securely. Utilizing off-site and cloud backup solutions are also important when considering your business continuity plan.
- Keep your security software updated. Always be using the latest version of your security measures, including antivirus, firewalls, and web filtering software. By doing so, you’ll be taking valuable steps toward keeping your system at minimal risk.
- Run frequent security scans. Check your system regularly for infection, and make sure that nothing out of the ordinary is happening within your PC. Most antivirus software allows you to run a scan, which will inform you of any abnormalities.
- Always keep your operating system up-to-date. Updating your operating system is imperative to keeping your system’s vulnerabilities patched up and safe from threats. The purpose of these updates is to keep your computer safe from new and rising threats (like Cryptolocker, for example), so it would be silly not to employ them.
If you see this screen, take the following actions toward limiting the impact that the malware has on your system.
- Disconnect your computer from the Internet, either by unplugging the wired connection or disabling the wireless connection.
- Disconnect any external storage units, such as USB units, and disable any cloud storage software you may be using.
- Do not attempt to remove the virus on your own. Contact the professional technicians at Iron Edge for assistance with removing the threat.
You can attempt to restore your system using a Windows Restore Point, but we recommend taking no action until a technician can investigate. You have limited time before Cryptolocker takes over all of your data, so don’t wait to call us at 832-910-9222. At this time, there is no way to decrypt files without paying the hackers for the decryption key.
If you’re computer has been locked down by Cryptolocker, we’re sorry to say that it is very difficult, perhaps even impossible, for the average user to remove the ransomware on their own. Don’t let malware keep your files under lock and key. Call Iron Edge at 832-910-9222 to get professional help before it’s too late.