Ransom malware

[Candybee]

I don't know how long this type of malware has been around but be on the lookout for it. Its been growing exponentially in the last year and in the last six months has targeted a lot of businesses. Some repeatedly.

 

Read about it here: http://en.wikipedia.org/wiki/Ransomware

 

This happened to me about a couple months ago. All my files were locked up and I when I tried to open them I got gobbly gook and a directive that I had to go to a certain site and they would unlock my encrypted files. Fortunately I did not do this and deleted the files. I lost everything including all my photos, word, and excel documents. I ran a full scan using three different malware programs and they kept finding all the infected malware on my computer. Plus it took several full comp scans to get everything over a few days. Never saw so many warnings on my computer before ever! But finally I got them all cleaned out.

 

The thing is they typically re-strike their victims that pay them and they can continue to do so over and over again.

 

From what I read they are finding entry through your emails. They embed the malware in normal looking emails like authentic looking UPS emails. Naturally when you order something and its ships UPS you don't think anything of opening the UPS mail especially when the vendor you ordered from says they shipped UPS. That is just one way they can gain access to your computer. So as always be suspicious of emails. Never open an email from someone you don't recognize and beware of even normal looking emails from delivery companies. You can always check with your vendor email and get the shipping number from them. Then go directly to the UPS or USPS or Fed Ex site and check there instead of opening the email.

 

Just wanted to alert everyone because if it can happen to me it can happen to any small business owner.

[Unique candles]

thank you very much for the important info

[Candybee]

Just wanted to give this a   to make sure more people get to see this thread. We are going to be seeing a lot more of this malware effecting businesses in the coming year.

[Jcandleattic]

One of the reasons I've started backing up my files at least once a week. 

[puma52]

Thanks Candybee! A warning everyone should heed! Too bad we can't somehow blow the virus back to the bad guy's computer.

[Candybee]

There are some effective ways to deal with this:

 

1. Back up your files regularly. In the event you are infected and have to delete your current files, your backup files can be reinstalled onto your computer.

 

2. If you are on a network unplug the infected computer ASAP so it doesn't spread over the network to other computers. This is for computers on networks only. Not for a personal non-network computer.

 

3. If you are infected-- don't turn your computer off! Turning your computer off and back on again will lock in the install of the malware. Instead, run a complete systems scan immediately with your antivirus program to root out and destroy the virus or malware. If you have to, run several malware or antivirus programs. There are several free ones on the internet and many of the large well known companies have free versions. I use AVG, Adware, and Winferno all for free. The AVG and Adware found and destroyed all my ransom malware. I use Winferno to clean out my registry after so my computer runs more smoothly.

 

4. Sadly, and very importantly, delete all infected files. This will take time, maybe even several days. But unless you are willing to pay these people to unlock your encrypted files deleting all of them is your only option. Besides, they are now useless as they are fully encrypted.

 

5. You can also find anti ransom malware protection programs, install one, and run it if this happens to your computer. But more importantly, they can help detect this type of malware before it can infect your computer.

 

6. As always, NEVER open unfamiliar emails. Since it is known that one of the entry portholes these villians use is email it is even more important to delete any suspicious email. Also, beware of delivery company emails like authentic looking UPS emails. If you know you don't have a UPS delivery be very suspicous. If you are expecting a UPS delivery, contact UPS on their official website or call them for delivery information. Many of these ransom pirates are using delivery emails to fool potential victims as a means for delivering their viscous malware.

 

7. Use an antivirus program that also scans websites before you open them. McAfee is just one  example of this. They have a program that allows you to run your cursor over a website directory before you click on any website. It will alert you if it detects a potential threat on that website before you click on it to open it up.

 

[Candybee]

We are entering a new age of cyber attacks. Attacking company computers and encrypting files and holding them for ransom is becoming the new rage and so far is turning into a very lucrative business for cyber criminals. These criminals often re-attack their victims every few months to extort even more money. I have read several stories of businesses that have been attacked and the chaos they can create is extremely damaging. They are so good at it that some individuals would rather pay the criminals than having to deal with the damage it can cause.

 

These cyber attacks are definitely on the rise and the FBI expects they will increase exponentially in the coming year.

 

Being prepared is your best bet. Look specifically for anti-virus programs that protect against ransom malware. More and more companies are including these in their computer protection programs.

 

I was attacked and it was by far the worst computer infection I have every experienced. Even after I was able to clean out my computer it took days to delete my files and the psychological impact was huge. Its like a home invasion complete with destruction. I never want to go through that again!

 

Plus I am not a big corporation. I run a very small home crafting business so imagine my surprise that these criminals are attacking home businesses and individuals as well as the big guys. So really no one is safe!

Edited April 28, 2015 by Candybee

[rctfavr3]

This very thing happened to my Grandmother's computer last month. She lost all .TXT files, word documents, saved images. Everything! No way to recover them. Not sure how she got her PC infected but I've certainly beefed up the malware and virus protection. Ransomware is a horrid little beast. Scrambled, unopenable files. Completely and utterly useless now.

Edited April 30, 2015 by rctfavr3

[Candybee]

Sorry to hear that happened to someone in your family.