Ransomware Ups the Ante
…And they keep on coming. A new, more troubling ransomware virus is on the loose. CryptoFortress combines the nasty features of its predecessors (encrypting important files, and deleting Windows’ VSS backups of those files — even on mapped drives), and goes further by reaching out to all network shares — whether or not they’re actually “mapped” as drives on the infected computer. (Read some technical details at http://www.bleepingcomputer.com/forums/t/569157/cryptofortress-a-torrentlocker-clone-that-also-encrypts-unmapped-network-shares/.)
Though the infection itself can be removed with some effort, your files will remain encrypted. In the absence of a good backup, efforts to recover encrypted files are virtually futile, and the only truly viable solution after the fact is to pay the ransom in Bitcoin (about $500 to start). At this point, though, it hasn’t been reported whether you’ll actually get the decryption software if you pay the ransom, nor, more importantly, whether it will actually work correctly if you do get it. (Anecdotally, we have encountered an instance of a successful decryption after payment of the CryptoWall ransom.)
It’s difficult for an everyday IT professional to stay on top of the ever-evolving world of security threats. Our best advice to help you avoid this sort of mess is to follow these tips:
1) First and foremost, have a backup of your critical and important files, disconnected from your network. An online (cloud) backup subscription is perfect for this purpose. We offer an affordable, cloud-based backup solution to our business clients.
2) Update Java (www.java.com), or (extreme) turn Java off in your browser (www.java.com/disablejava/);
3) Update your Adobe products, like Flash and Acrobat (www.adobe.com, at bottom-right of the home page);
4) Update your browser:
a) Internet Explorer (run Windows Update);
b) Firefox (www.mozilla.org – Firefox usually prompts you to update);
c) Chrome (www.google.com/chrome – automatically self-updates);
5) Keep an active anti-virus subscription (we recommend ESET products like NOD32, but Norton and McAfee products are OK, too; some free, less-robust options are Microsoft Security Essentials, Avira and Avast), BUT DON’T install multiple anti-virus software packages;
6) Add an anti-malware subscription, which can catch non-virus infections that could compromise your system and further download viruses or other malware (we recommend Malwarebytes, but SuperAntiSpyware and Webroot are decent alternatives);
7) Consider installing or activating browser-based protections, like ad blockers and pop-up blockers. These can hamper your browsing experience, and can be a nuisance when you actually want the pop-up, but the benefits can be vast when you’ve avoided a virus or malware infection that would have been delivered, for instance, by one of those ads that automatically plays when you do a Yahoo search.
8) Use some common sense and self-control:
a) Be wary of e-mail attachments you shouldn’t be expecting. The following will probably never send you an attachment: UPS/FedEx/USPS; your bank or credit card company; any bank or credit card company that’s not your bank or credit card company; the IRS; Microsoft; Facebook; eBay; PayPal; Google. And you should be suspicious of attachments from the following (particularly if the attachment is an HTML file): a Nigerian prince; work-at-home and get-rich-quick solicitations; miracle pharmaceuticals; a fax-to-email service that is not your fax-to-email service (if you have one);
b) Don’t go downloading every “free” utility you come across. For example, many free video player utilities offered out there are stuffed with extras that you’d never want installed on your computer — a lot more than you’d bargained for;
c) Browser toolbars aren’t all that they’re cracked up to be. Watch what you’re clicking on, and don’t blindly click Next-Next-Next-Finish when installing anything you’ve downloaded from the Internet (see previous point).
Besides having current anti-virus and anti-malware protection, common sense does go a long way toward avoiding costly clicks.