November 8, 2013
This message pertains to recent news stories on various cable networks, including our local WNEM TV 5, reporting about Cryptovirus (aka CryptoLocker). The reports describe a serious and nasty variation of past ransomware viruses such as FBI CyberCrime and Homeland Security. Watch this video from Sophos for some insider technical information about how this virus works.
This latest variation informs you that your system files have been locked (encrypted) and that you must pay $300 within X amount of time to get the key to unlock/decrypt your machine (or risk losing the key forever). And it actually does encrypt your files (see news articles below for a list of common files). Of course, there is no way you can trust them to provide you the key (after you give them your account information and money).
This infection is typically spread through emails sent to company email addresses that pretend to be customer-support messages from FedEx, UPS, DHS, etc. These emails contain a zip attachment that, when opened, infects the computer. The zip files contain executables disguised as PDF files: they have a PDF icon and are typically named something like FORM_101513.exe or FORM_101513.pdf.exe. Since Microsoft Windows does not show file extensions by default, they look like normal PDF files and people open them.
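A mail-gateway or helpdesk check for the disguise described above, as an added example that is not part of the original post: it lists the members of a zip attachment without extracting them and flags executables, including the FORM_101513.pdf.exe double-extension pattern. The extension lists and function names are assumptions chosen for illustration, and the sample archive is constructed in memory with harmless text.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed lists for illustration; extend them to match local policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".txt"}


def classify_member(name):
    """Return why an archive member name is suspicious, or None if it is not."""
    # Windows ignores trailing dots and spaces, so strip them before parsing.
    cleaned = name.replace("\\", "/").rstrip(" .")
    suffixes = [s.strip().lower() for s in PurePosixPath(cleaned).suffixes]
    if not suffixes or suffixes[-1] not in EXECUTABLE_EXTS:
        return None
    if len(suffixes) >= 2 and suffixes[-2] in DECOY_EXTS:
        return "double extension"  # e.g. FORM_101513.pdf.exe
    return "executable in archive"  # e.g. FORM_101513.exe


def scan_zip_attachment(data):
    """List suspicious members of a zip given as bytes; nothing is extracted."""
    findings = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            for info in archive.infolist():
                reason = classify_member(info.filename)
                if reason:
                    findings.append((info.filename, reason))
    except zipfile.BadZipFile:
        # A corrupt or non-zip attachment is itself worth quarantining.
        findings.append(("<archive>", "unreadable zip"))
    return findings


def build_sample(names):
    """Build a constructed in-memory zip whose members hold harmless text."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name in names:
            archive.writestr(name, b"constructed placeholder content")
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample(["FORM_101513.pdf.exe", "FORM_101513.exe", "notes.pdf"])
    for member, reason in scan_zip_attachment(sample):
        print(f"{member}: {reason}")
```

Because only the archive's directory of names is read, the check is safe to run on a quarantined attachment before anyone opens it.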
The only way to ensure you do not lose your files is to:
Additional information below:
The recent Walmart Email is just one example of the Blackhole Exploit - read more here: