Cryptolocker Ransomware – Virus Warning
OK! Folks heed this warning, if you have been receiving malicious emails with various lures including subject lines payroll or package tracking from UPS, and FedEx; as well as bank correspondence and voicemail notifications. Some identified keywords used in these emails include:
Payroll Received by Intuit
ADP RUN: Payroll Processed Alert
Payroll Manager Payroll Invoice ADP RUN
Payroll Processed Alert Annual form ACH Notification
Annual Form – Authorization to Use Privately Owned Vehicle on State Business
DNB Complaint – (Number)
DO NOT OPEN ANY ATTACHED .ZIP FILE!!!!!!
These .zip files contain the Cryptolocker ransomware. Basically this infection will scan through your PC looking for documents and other data and it will encrypt those files, the criminal will show an amount of money between $100 – $300USD to decrypt your data.
The encryption used is virtually impossible to crack leaving you with no documents, this will also scan mapped network drives encrypting all documents on servers.
Just removing the infection will NOT get your files back!
My advice is keep a regular backup and please, DO NOT OPEN ATTACHMENTS from any of the above described subject lines, I have come across a couple cases of this now and had to be the bearer of bad news that the encrypted documents are not retrievable. The only way to get back your documents is to pay the ransom and have the thieves decrypt your files – or go to your backups if you have them.
I have seen quite a few of these coming through my own spam filters, Back up those files and keep your virus software up to date!