**ALERT** Ransomware is on the Rise...

 "I seriously just want to throw my computer out the window and forget about it completely. I am just done with it"

"We bought a Mac because everyone told us it wasn't possible to get Viruses on a Mac. Now my whole business is gone. What can I Do?" 


Ransomware on a Macbook

These are only some of the disheartening comments I have received lately as I was handed computers to repair that were infected with the latest and nastiest ransomware out there. Ransomware, a particularly troublesome type of malware, is a malicious software that denies you access to your computer or files until you pay a ransom to have access restored. I have encountered three different types of ransomware, "Screen Lock" based, "MBR" Based and "Encryption" based. I have removed this software from more than 20 computers since February alone. A MASSIVE increase from previous years.  Both of the first two are extremely difficult to remove, but can be dealt with and in most every case, your data saved. The latter however, "Encryption" based is becoming more and more common and may be one of the worst forms of malware ever. The software takes over your machine, and "encrypts" or converts all your data into a specific code that requires a key to unlock. Unless you pay person who infected the system, you will be unable to get the code to unlock your files. And a new, especially nasty virus has hit the scene, known as CryptLocker.


CryptLocker at work...

This software uses incredibly strong cryptography to lock all your files that you have permission to modify, INCLUDING THOSE ON EXTERNAL DRIVES connected to the machine, and NAS or Network Attached Storage devices. Once infected, it displays a random message demanding payment withing a certain timeframe, which is normally 3-5 days from the date you were infected. Payment is always demanded in the form of an anonymous prepaid cash service like MoneyPak, Ukash, cashU, or Bitcoin. As of this writing, there are no known consumer level software tools for removing this nasty virus. The only solution has been to pay the criminals. Decryption is incredibly difficult, if not impossible, unless you have access to the private key the cybercriminals set up. If you get infected, without paying, there is a high probability you will never see your data again. 


Here are some tips to help: 

  • NEVER leave Your External Backup Drive hooked up to your computer when done. Backup, and when finished, Disconnect it.  
  • DO NOT open attachments in emails unless they are from close trusted family members or friends, and even then, do not open attachments EVER with the file extensions: .exe, .zip, .rar, .bat
  • Regularly back up your files. Do both local OFFLINE backups and Online Backups through services like Carbonite. If you are unfamiliar with how to perform local backups of your data, see these great tools from Acronis, Genie 9, and Rebit 5. And if you prefer, Rethink Associates provides quality backup solutions as well. Let Us do it for you!

If you become infected with any of these viruses or any others:

  • Immediately Disconnect all external drives from your system to prevent infection.
  • Disconnect you computer from the Internet, as some of these spread to other computers on the network.  
  • Contact Rethink Associates so that we can help!