Earlier this year, a nasty new type of ransomware burst onto the scene. Unlike others, however, this new one’s bite was every bit as bad as its bark. The CryptoLocker hijacker sniffs out your personal files and wraps them in strong encryption before it demands money.
Although it’s not normally our practice to track and report on viruses and virus outbreaks, as a courtesy, we want to let you know that the Ferrum Service Desk has seen an influx of a “ransomware” infection called CryptoLocker. Customers have reported that this infection occurs when you click on an attachment from a Wells Fargo email address.
This infection will encrypt all of your files using AES-256. Vipre is detecting and preventing some variants of this infection, but new variants are constantly discovered, so there’s no guarantee that any AV product will prevent every infection. Because an encryption key is needed to decrypt the files, there is no known way at this time to recover files once encrypted (other than paying the ransomware organization). If this shows up on a machine, the recommended action is to remove all shared devices and mapped drives and to restore from a clean backup.