We have warned previously about the CryptoLocker/CryptoWall ransomware exploit, which begins with a phishing email designed to look like a past due invoice or a tax notice. Opening the ZIP attachment would install encryption software which would render your files unusable without the encryption key, which the perpetrators would graciously sell you for amounts beginning at $200 and going up from there. How much depends on the value of your stuff and your apparent ability to pay. Personally, I have seen amounts as high as $1000, but have heard about large companies having to pay in the tens of thousands of dollars.
Well, there is a new variant of this exploit that includes an old-style virus component. The virus part allows this exploit to infect many parts of your system, and spread to other systems you are connected to on a network. If left unchecked, this can spread across an entire company.
Because it infects so many files in a computer, it is hard to remove. The only safe path back is to pay the ransom (really, how safe is this going to be?) or to wipe the drive and reinstall the operating system and applications from scratch, and restore your personal files from a good backup.
So what can you do? Firstly, quit opening file attachments and clicking on links in emails without first verifying the source. Many of these emails are described on the web, and a quick Google search will let you know this email is part of a scam. Or check out the attachment or link on VirusTotal.
Of course, you need to have a backup procedure in place too, for so many good reasons, not just this one. If you are not backing up your personal files and work product then you are just simply playing Russian roulette with your business.