“Locky” ransomware and other new cryptolocker viruses.

Thanks to our member Chill IT for this warning:

Please be aware that there are malicious spam emails spreading throughout Australia, these emails consist of a Word document which advises you to enable macros “if data is incorrect”.

Locky is a new strain of ransomware, so-called because it renames all your important files so that they have the extension .locky.

Of course, it doesn’t just rename your files, it scrambles them first, and – as you probably know about ransomware – only the crooks have the decryption key.

You can buy the decryption key from the crooks via the so-called dark web.

The prices we’ve seen vary from BTC 0.5 to BTC 8.00 (BTC is short for “bitcoin,” where one bitcoin is currently worth about $400/£280).

We advise users:

  • Not to open any attachments that look suspicious via email.
  • Not to enable Macro to documents sent from any suspicious emails.

The most common way that Locky arrives is as follows:

  • You receive an email containing an attached document (Troj/DocDl-BCF).
  • The document looks like gobbledegook.
  • The document advises you to enable macros “if the data encoding is incorrect.”

We urge all users to be vigilant when opening emails, always keep an eye on suspicious links.

Please be aware that there are malicious spam emails spreading throughout Australia, these emails have been impersonating large well known corporations like Australia Post stating that there is a parcel that is not able to be delivered.

Although this may seem legitimate, any links in this email is linked to form of malware known as CryptoLocker and is designed to encrypt your data including documents, spreadsheets, PDF’s, zip files on Network Drives, removable drives and your local machine. Once infected – the malware demands payments from $300 upwards to decrypt your data.

We advise users:

  • Not to click on any links or attachments in these emails.
  • Delete all odd or suspicious emails right away.

We urge all users to be vigilant when opening emails, always keep an eye on suspicious links.

If you suspect you may have opened these attachments accidentally, please turn off your PC immediately and call Chill IT on 1300 726 679

The short URL of the present article is: http://www.rydebusiness.com.au/fVZ6z