There is a new ransomware virus named “Locky” that has been quickly spreading around the past few weeks, infecting people’s computers all around the world.
For those who are unsure what a ransomware virus is, it is a specific type of malware that restricts access to a computer, usually in the form of encrypting files so they cannot be accessed. The virus then demands the user pay a “ransom” to the creators in order to remove the restrictions. What makes these virus’ really nasty is that there is no way to un-encrypt the infected files without a “key” from the creators, so people are forced to either recover their files from a backup, or pay the ransom to get their files back.
Locky is infecting computers through malicious email attachments. A user will receive an email, designed to look like it may be legitimate and from a reputable source (such as Australia Post), that contains a zip file or word document as an attachment. When this attachment is opened, this virus gets to work encrypting all the files on your computer so they cannot be accessed, and renames them with the extension “.locky”, which is where it gets its name from. After it has finished infecting the files, it then leaves the below note in the folder that contains the infected files, along with changing it to your desktop wallpaper. This note informs you what has happened to your files, and gives you instructions on how to access a hidden web site on the Tor Network to see how much your ransom is, and how to pay it. The ransom amount seem to vary between $300 – $600 AUD, but some large companies have been hit with ransom amounts ranging in the tens of thousands. As the payment needs to be made using Bitcoins, this makes it impossible to trace, and thus very difficult for law enforcement to shut down these scammers.
To make sure your systems are protected against this new threat, just follow these simple guidelines:
- Always make sure you have an up to date Anti-Virus software running on your computers
- Always make sure your systems and programs are fully patched with the latest updates
- Always make sure you regularly backup your system and all your important files
- Frequently check your backups, to make sure you can recover files if needed
- Don’t leave your backup disk connected to the computer, as these types of virus can also infect network folders and locally attached USB hard drives
- Never open any email attachments from people/companies you do not know, or from emails you’re not expecting (especially if they are .zip, .exe or .doc files)
- If you are suspicious about an email you received, call the person/company directly to see if it is legitimate
- Notify everyone in your office and home about the dangers of this new virus
If you are worried that your companies systems are not 100% protected, then email to use today at firstname.lastname@example.org about our Anti-Virus, Patch Management and Backup Solutions that can suite your business needs.