On 14 Oct, 2014 Support-Services By : admin With : No Comments
The notorious Cryptolocker virus has resurfaced in Australia hiding in emails from Australia Post or Telstra. Protocol IT have been spending a lot of time removing this new generation Ransomware Virus.
For those of you who do not understand Ransomware, it encrypts entire computer data files in exchange for money. Russian hacker Evgeniy Mikhailovich Bogachev is believed to have made US$100 million from his activities. He face charges of his suspected development of Crypolocker.
Australia, however, seems to have received a new variant of the file. While some blogs and website claim that it can be easily reversed, we have found that in a few cases the virus had removed previous versions of your data, not allowing system restores even.
A new service called Decrypt Cryptolocker seems to have helped us sometimes and not others. We have managed to restore some decrypted files for some users. The package, developed by FireEye and FoxIT, is backed by the Australian Government and is completely free.
While we can show you ways to decrypt the virus or any other strain that may come, the best way to manage is not to open every email that you receive. If you cannot identify the legitimacy of the email, send it to your IT support person.
Finally, Anti-Virus is like Insurance. You pay for it but never know when it’s going to save you. Free packages will not work as a paid package. Make sure you always have a valid paid AV package installed. Protocol IT recommend Webroot.