I try to stay away from the chicken little stuff, but this is far to important and impressive to not discuss.
Many of you know that my day job is mid to higher end tech work.
This post is a direct result of that work.
If you work with files on your computers with the following list of extensions, PLEASE back them up as soon as you can.
3fr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, jpe, jpg, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, srf, srw, wb2, wpd, wps, xlk, xls, xlsb, xlsm, xlsx
We have found a brilliant new “virus” it is actually a Trojan horse, but it is ransomware.Â It is brutal and vicious, but on a technical level it is pure genius (until the various authorities catch up to them).
Malwarebytes has a great write up on it. Please give it a read.
The basic run down of this ransomware is this:
you get an email posing as someone reputable that you may be doing business with and they have an attachment that you need to print sign and fax to them… Well when you open that attachment, you have just infected your machine and all helll is about to break loose.
If you have the CryptoLocker ransomware. you will get a popup telling you so, and there is a four day countdown timer.
You have two choices, pay $300.00 (or Euros) so that they will decrypt your files, or kiss the data goodbye until the private security key can be discovered.
If you have lost data to this ransomware, keep the files. I suspect that after the crooks have been caught, they will disect the master server and the keys needed to decipher the data will be made available.
In the mean time the bottom line is, you either pay 300 bucks to get your data decoded before the four days expires, or you restore your data from backup. I have talked to customers that have paid the ransom and they DID get their data decrypted.