Skip to main content

Kidnapped files held for ransom!

October 10, 2013 by Sue Weier

Cryptolocker logo

It sounds absurd, but that's exactly what happens when you are infected with a new virus called CryptoLocker.  This virus encrypts your files so that you can't open or read them.  Then you're asked to pay a sum of money (often $300) to decrypt the files. The encryption is real, and your files may not be recoverable even if you pay the ransom.

How can you avoid this threat?  Some simple precautions may help:

  1. Don't follow unknown links.  Roll over the link to see if the URL matches the site name.  Look at the sender's email and see if it matches the sender's name.
  2. Don't open email attachments unless you know what the document contains and are expecting it.
  3. Keep a copy of your documents on a storage device that can be stored in a safe location. This may be the only way to recover your documents, since the virus can encrypt files on drives and network resources connected to your computer.

If you are concerned that you might have the CryptoLocker virus, do the following.

  1. Shut your computer off.  If you can't shut the computer off, unplug the network cable and disconnect from your wireless connection.
  2. Immediately contact the TechZone for assistance (techzone@lss.wisc.edu).  In most cases, this will mean reformatting the drive and reinstalling the operating system and software. 

Don't be a CryptoLocker victim!

If you'd like to see images and more detailed information about
CryptoLocker, read Cryptolocker Ransomware: What You Need To Know on the Malwarebytes blog.

Did you know that October is CyberSecurity month?  Visit the events page to see what's scheduled.

Premium Drupal Themes by Adaptivethemes