Towards the end of 2013, there was a computer virus outbreak called CryptoLocker which, when executed, infected all files on the network by encrypting them (making them unreadable) and held them to ransom, demanding a large sum of money! This type of virus is known as ransomware and was thought to have extorted more than $27 million from its victims!
The good news is that CryptoLocker was isolated in July 2014. However, the bad news is that a new wave of the virus has reared its ugly head and, writing this in 2017, we’ve recently seen the NHS hit with the WannaCry virus (also known as WanaCrypt0r 2.0), shortly followed by the “Petya” virus. These viruses resulted in more than 400,000 infected computers across 150 countries!
This ransomware is known as CryptoWall 4.0 and is said to be more troublesome than its previous edition and more difficult to detect.
CryptoWall 4.0 not only encrypts personal files, but it also renames them and removes the file extensions, making it even more difficult to know which file is which, as shown in the image below!
So why are we telling you this?
Whilst we do everything we can to keep computers patched, backed up and up to date with the latest virus definitions and system updates, unfortunately nothing is 100% bulletproof. With threats always emerging, the majority of cases have actually come from internal users without technical training downloading the viruses or executing infected files directly.
Therefore the purpose of this post is simply to increase awareness of the threat and to advise you to be extra careful when browsing the internet. Refrain from using or downloading pirated or unknown ‘free’ tools from the internet, which is one way these Trojans can enter your network.
A second and perhaps more common way in is via email. If you receive any emails unexpectedly with ZIP or EXE file attachments (even from trusted sources), it’s better to check with the sender that they are legitimate before opening the attachment. Remember: CryptoWall will not infect the computer until the file is executed!
What to look out for?
Typical examples of malicious emails disguise themselves as:
- Xerox PDF attachments
- UPS or FedEx emails claiming to contain tracking information
- Invoices in ZIP or EXE format
- iCloud – requesting to reset your Apple password
- Amazon or PayPal asking you to return items or confirm payment
If you have any queries or doubts about an email you receive, don’t open it; delete it. It’s better to be safe than sorry!
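For IT staff who want to screen mail before it reaches users, here is an added example (not part of the original post) that flags the ZIP and EXE attachments described above, including an EXE hidden inside a ZIP. The sample email is constructed for the demonstration, and the function names are our own assumptions.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage


def build_sample_message() -> bytes:
    """Constructed sample: an 'invoice' email whose ZIP hides an EXE."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        # Placeholder bytes only; this is not a real program.
        zf.writestr("invoice_2017.pdf.exe", b"MZ constructed placeholder")
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Invoice attached"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="invoice.zip")
    msg.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                       subtype="pdf", filename="scan.pdf")
    return msg.as_bytes()


def risky_attachments(raw: bytes) -> list[str]:
    """Return one finding per ZIP or EXE attachment, judged by name or content."""
    findings = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        # "MZ" and "PK\x03\x04" are the leading bytes of EXE and ZIP files,
        # so a renamed attachment is still caught.
        if name.lower().endswith(".exe") or data[:2] == b"MZ":
            findings.append(f"{name}: executable")
        elif name.lower().endswith(".zip") or data[:4] == b"PK\x03\x04":
            findings.append(f"{name}: zip archive")
            try:
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    for inner in zf.namelist():
                        if inner.lower().endswith(".exe"):
                            findings.append(f"{name} -> {inner}: executable inside zip")
            except zipfile.BadZipFile:
                findings.append(f"{name}: unreadable zip")
    return findings


if __name__ == "__main__":
    for finding in risky_attachments(build_sample_message()):
        print("HOLD FOR REVIEW:", finding)
```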
What to do if your computer is infected?
If your computer has been infected with a virus, the first thing you should do is disconnect it from the network. Turn off Wi-Fi if applicable and/or remove the Ethernet cable from the computer immediately. Leaving your computer online poses a risk of infecting other network devices and resources, so disconnecting eliminates that threat and should be your first step.
Thorough virus and malware scans should then be run on the computer. This can be a lengthy process depending on the nature and type of infection, and it’s best to have an IT professional take care of this. All traces of the virus should be completely removed before reconnecting to the network.
Call Our Tech Team for more detailed information on diagnosing and troubleshooting virus infections.
UNTIL NEXT TIME … STAY SAFE