Posts Tagged ‘virus’

CryptoLocker Ransomware – Don’t get Caught

Friday, April 25th, 2014

I am sure most people are aware that there are some pretty nasty bugs and malware being sent around the Internet.

Some hijack your email and send spam to your address book; others are designed to sit secretly in the background and simply use your system's resources and internet connection as a gateway to send spam or process tasks in the background. Some try to steal your identity or personal information, either through logging your keystrokes or duping you into entering personal details into a fake website. Some will try to ‘break’ your system by changing settings or files.

Now, these are not nice and can be a nuisance to get rid of. Generally, any decent anti-virus product will protect your system and stop these programs from running or at least stop them in their tracks. You can then restore any damaged or missing files from your backup, though normally any data will be retrievable anyway, even in the case of a complete reload of the system.

There is one virus, however, which can cause the loss of all your data and files and for which there is currently no known resolution apart from paying a lot of money – and even that will not guarantee a return of your data.

The CryptoLocker virus sits dormant on an infected machine until that system is rebooted. This then triggers a file to run on restart which secretly works its way through your files encrypting them and making them unreadable. Not only will it work its way through your hard drive, but it will search through any mapped network drives or connected USB drives encrypting them also.

As a final nail in the coffin, it will attempt to delete and disable any historical shadow copies, just to make doubly sure you have no way of retrieving your precious data.

Only when it has finished will it display its message on your desktop, telling you that your system is infected and giving details on how to pay and retrieve the key to decrypt your data.

So, how can you protect yourself? Generally the virus is transmitted via an email attachment. These are appearing more and more genuine, and those we have seen include Companies House submission reports, bank statement notifications, delivery instructions from major courier companies and HMRC tax return notifications. The attachment pretends to be a PDF document but is in fact an executable file which runs and then infects.

Firstly, do not open or even preview an email you are not expecting from these sorts of sources. If in doubt, delete it.

Secondly, make sure you are running up-to-date, valid anti-virus software. This will help to pick up any known executable files as they run on your system.

Thirdly, there is a small application, written by FoolishIT LLC, which can be installed on a PC to help protect against this particular threat. It stops certain file types running in certain locations on your PC. This will help to protect against the virus but may also impact some other third-party software. You can download CryptoPrevent from the following page: http://www.foolishit.com/download/cryptoprevent/

Finally, make sure your system is regularly backed up but, if you back up onto a USB disk, do not leave this permanently attached to your PC. Depending on how you back your files up, this could become encrypted also should you be infected.
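The disguised attachment described above (a file presented as a PDF that is in fact an executable) can be checked for mechanically. The following is an added example, not part of the original post: it parses a message with Python's standard email library and flags attachments that claim to be PDFs but carry a Windows executable header or an executable final extension. The sample message, addresses, filenames and the extension list are constructed for illustration.

```python
# Added example: flag attachments presented as PDFs that are really executables.
import os
from email import message_from_bytes
from email.message import EmailMessage
from email.policy import default

# Illustrative (assumed) list of extensions Windows will run when double-clicked.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif"}

def disguised_attachments(raw_message):
    """Return (filename, reason) for attachments that claim to be a PDF
    but are executables by content or by their real (final) extension."""
    findings = []
    msg = message_from_bytes(raw_message, policy=default)
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        claims_pdf = ".pdf" in name or part.get_content_type() == "application/pdf"
        if not claims_pdf:
            continue
        final_ext = os.path.splitext(name)[1]
        if data[:2] == b"MZ":  # DOS/PE header of a Windows executable
            findings.append((name, "executable content"))
        elif final_ext in EXECUTABLE_EXTS:
            findings.append((name, "executable extension " + final_ext))
        elif b"%PDF-" not in data[:1024]:  # a real PDF carries this marker
            findings.append((name, "not a PDF"))
    return findings

def build_sample():
    """Constructed sample message; attachment bytes are inert placeholders."""
    msg = EmailMessage()
    msg["Subject"] = "Delivery instructions"
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg.set_content("Please see the attached document.")
    samples = [
        ("statement.pdf", "pdf", b"MZ" + b"\x00" * 62),
        ("invoice.pdf.exe", "octet-stream", b"placeholder bytes"),
        ("report.pdf", "pdf", b"%PDF-1.4\n%%EOF\n"),
    ]
    for filename, subtype, payload in samples:
        msg.add_attachment(payload, maintype="application",
                           subtype=subtype, filename=filename)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reason in disguised_attachments(build_sample()):
        print(f"{name}: {reason}")
```

The check looks at the file's bytes as well as its name, so it still fires when the sender's declared type and the visible ".pdf" both look correct.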

Should you be unfortunate enough to be a victim of this virus, and you simply must try to retrieve your information, you have a limited time to follow the instructions and decrypt your files. Currently, there is no other way of retrieving any encrypted data. Success rates vary and paying the ransom does not guarantee your files will be saved. If you do want to take this route, then do not make any attempt to clean your system until you have tried to decrypt your files. If you remove the key files from your system then you could end up having to pay more money or not be able to decrypt your files at all.

For more information on keeping your systems safe and secure, please contact us.

Do you know what you’re downloading?

Thursday, May 6th, 2010

We all download software, tools and utilities from the Internet. Maybe you need to do something as a one-off, want to trial some software or find a free tool that might be useful.

But do you know exactly what you are downloading and where it is coming from?  Is the site reputable?  Are there other things that might be included in your download apart from the particular item you require?

There are a few hints and tips you can use to check your downloads are not going to catch you out!

Check the reputation of the site

Use a free web browser security tool such as McAfee SiteAdvisor which will stop you inadvertently going to a site known for viruses, spam, malware and other nasties.  As well as blocking known dodgy sites it will also display symbols next to your search results showing which links are safe to follow and which you should treat with caution.

What are you downloading?

It’s easy to get distracted by the wonderful advertising and wording on some sites.  If you are downloading something which is supposed to be free, be wary of entering any payment details or too much personal information.  You may find yourself subscribing to a service you don’t want and which is difficult to cancel.  Sometimes you can find yourself following 2 or 3 links before you finally think you’ve found your download link only to find it’s for something else, so double check before clicking the download button.

Check the small print

Read through the license agreements and any small print before clicking the ‘Agree’ button.  Check what any information you enter will be used for and the license terms for the software or downloads.  There are lots of things which can be downloaded and used for personal use but not for commercial purposes, for example.

Only install what you need

When you’ve found your file, on a reputable site, and it’s been downloaded you may think you’re home and dry, but there are still some things to look out for.  Read the installation instructions carefully.  Watch out for tick boxes that relate to other items such as unrelated toolbars, security products and search tools.  These items are generally not related to the software you are installing and can use up resources on the PC.

Finally…

If there is a piece of software or a utility that you want and it’s not available free of charge then you are unlikely to find a copy or a key code on the Internet.  There are crack-sites out there offering serial numbers or free downloads of games and software but normally all you’ll end up with are viruses, malware and spam.  Most software manufacturers are wise to the trade in illegitimate software and keycodes.  Most applications need to be authenticated online before they will work and once the key has been used once or twice it won’t work again without speaking to the manufacturer and providing proof of purchase.

On the plus side there are lots of open source and free applications available to download from reputable websites and as long as you take care over which sites you visit and what you download then have fun experimenting with some new applications!