Byte Me Article 202 – Stay alert for PC virus creating havoc locally

Stay Alert for PC Virus Creating Havoc Locally

If you value the files on your computer then I urge you to please read on!

CryptoLocker is a worldwide computer virus that is really turning up the heat for unsuspecting computer users.  It first gained the widespread attention of Internet users late last year and was in fact the focus of 4 consecutive weekly articles in this very column starting on Saturday the 12th of October.   It is a virus that propagates through the email system by disguising itself as an email from a bank or government institution.

I suggested last year that we would see more of this type of Internet threat and this is now the reality.  The virus has been cleverly re-engineered to get past existing anti-virus measures to once again wreak havoc with your data.  CryptoLocker falls under the category of Ransomware which means that it is not after your passwords or data – it is simply using extortion to make a beeline for your money!

2014-11-29 Byte Me Article 202 - CryptoLocker Strikes Again

The virus actually encrypts your files to prevent you from opening them and asks you to pay a ‘ransom’ to have them ‘unlocked’.  Paying this ransom only nets the creators more money to add to the millions that they have already generated through this scam – however it will do nothing to get your files back.  Encrypting your files this virus simply locks from being used unless you have the correct ‘unlock key’ – which is in this case a military strength code.  In other words – the unlock key cannot be ‘cracked’ or bypassed & hence your infected files are rendered totally useless.

CryptoLocker locks all of your pictures, word & excel documents as well as most email files and also a spate of accounting files.  There are a host of other ‘user’ files that the virus can lock as there are now several ‘strains’ of CryptoLocker which vary in their severity.  The virus also spreads rapidly across network connections & USB connections to infect network shares and backup devices.

The most recent attacks of the virus have been from emails disguised as a speeding fine from the NSW Office of State Revenue.  Under this guise the email asks the user to click on the attached links to their Penalty Notice and Speeding Photo.  When the user does this nothing appears to happen as the virus is already downloading and installing on your PC in stealth mode – the damage is already done!  We have seen over a dozen instances of this happening in just the last few days!

Anti-virus companies or Windows patches should help to eliminate this new form of the virus in the next few weeks however I have no doubt that we will see it again in other re-engineered forms in future.  However – it is right now that you need to be most active in guarding against letting it into your PC.  There are several procedures that you need to follow.

Never open an attachment or click on a link that is served up to you within an email from an unknown source.  Always keep an external backup of your important files including your photos, emails, documents, data bases and tax packages.  Don’t leave this backup drive constantly connected to your PC – unless the backup software uses its own method of file encryption & always keep both your anti-virus software and your operating system updated and patched.

Future Byte Me topics can be emailed to [email protected] and Bruce is contactable at Kerr Solutions, 205 Musgrave Street or on 49 222 400.

For more advice and assistance from Kerr Solutions, like and follow us on Facebook