CryptoLocker Uses Fake Adobe & Microsoft Codes

We start the new year with a vital UPDATE on the CryptoLocker Ransom Virus whose creators have devised yet more devious ways to encourage unwary users to download it to their PCs.

A New Variant

The recently discovered CRILOCK-A spreads more easily than previous forms of CryptoLocker and is especially dangerous as it uses worm-like features to spread from your PC hard drive to your removable drives. So, if you have any device connected by USB to your PC: a memory stick, an Android Smartphone or a removable hard-drive for data back-up and you unwittingly download the virus, all data stored on the device is at risk. Worse – if you then connect the infected removable drive to another PC the virus can spread yet again.

Sneaking in Disguised

Yet more sinisterly, the new malware differs from the known CryptoLocker variants. Rather than relying on the user clicking on a downloaded file attached to a Spam email, this version pretends to be an activator for various software such as Adobe Photoshop and Microsoft Office. Users find these links on P2P (peer to peer) file sharing sites where pirated software can be illegally downloaded.

Put simply; this allows cyber hackers to easily infect systems without the need to create (and send) spammed messages.

How to Avoid the Threat

Avoiding this threat means extra vigilance and putting routines in place to reduce the risk of infection. Every member of staff in your business needs to be up to speed as the virus relies on human error to get into your system!

Create Safe Routines

  • Inform and educate all your staff about the CrytoLocker Virus and the CRILOCK-A variant.
  • Ensure your Anti-Virus software is up-to-date on ALL your PCs.
  • Always scan all removable drives as well as your PC.
  • Do not let staff plug personal USB drives or portable hard drives into any business PC unless they have been scanned by anti-virus software.
  • If you back up to a removable drive… ALWAYS disconnect from the internet BEFORE you plug in the USB drive and run your back-up software.

A Success Story – Data Disaster Averted

We are delighted to report that thanks to our regular Client Alert newsletters, one of our customers knew exactly what to do when they were affected by CryptoLocker just before Christmas. They didn’t panic… gave us a call and within an hour we were working on restoring their data. Read their testimonial here.

For more information, please read the following article: CryptoLocker Ransomware Information Guide and FAQ

If you need any help or advice, do contact us on 0808 168 5999 or katy@networksupportsolutions.co.uk