The costs of running this huge site are paid for by ads. Please consider registering and becoming a Supporting Member for an ad-free experience. Thanks, ECF team.

Serious computer ransomware alert - please read

Discussion in 'Computer Security' started by SierraVapr, Oct 25, 2013.

Thread Status:
Not open for further replies.
Image has been removed.
URL has been removed.
Email address has been removed.
Media has been removed.
  1. SierraVapr

    SierraVapr Full Member

    Oct 18, 2013
    Washoe County, NV, USA
    PLEASE SHARE THIS WIDELY: Normally I would not post this sort of thing off-topic, so apologies to the moderators ahead of time, but this is particularly malicious, so I wanted to make sure you guys don't get hit with it. I work for a managed service provider and we received our first call on it today. Luckily not one of our regular clients. They've lost about 30GB of business data because of this.

    Some of you may know already, but there is a recently emerged ransomware called "Cryptolocker", which once infected on a machine, ENCRYPTS ALL DATA ON ALL LOCAL AND MAPPED DRIVES with RSA 2048. There are also reports that it will affect online backups, such as DropBox.

    Removing the malware is easy, but your drives will still be encrypted; and you won't guess the decrypt key even if you're the NSA. Bad juju!

    See bleepingcomputer for details:

    CryptoLocker Ransomware Information Guide and FAQ

    See the section on how to prevent your computer from becoming infected.

    Be careful out there!
     
  2. retired1

    retired1 Administrator Admin Verified Member ECF Veteran

    Supporting member
    Apr 5, 2013
    Texas
    Moved to Computer Security.

    And this is why backups should be made regularly.
     
  3. ycatsce

    ycatsce Full Member Verified Member

    Apr 9, 2009
    I recently had an old client call me up after moving to another IT firm whose prices were $50 a month cheaper than mine in order to "cut costs". They hadn't sent out word to their clients warning of this virus, and they had allowed his antivirus subscription to lapse. When he got infected, they found out that when they changed his shared folder structure to match theirs, they hadn't updated the backup schedules to reflect the changes, so a proper backup hadn't been made in about 9 months. Boy was he upset.

    It took me almost 2 days to get their financial data and documents back and I was only able to get about 90% of it all recovered. Needless to say, I am now handling their IT work again.

    This is a nasty one though. Thankfully, I have only dealt with it on 2 systems so far, only one of which was actually a client of mine at the time of the infection. At least the current client was as simple as wiping out the virus and restoring the files from the onsite backup.
     
    • Like Like x 1
Thread Status:
Not open for further replies.

Share This Page