Locky Ransomware Sent as Invoice Attachment

Locky ransomware is the latest threat and is a variation on previous encryption attacks. It is delivered by email and fools you into opening an invoice attachment. After deploying, it encrypts files on local and network drives. Although CryptoLocker and CryptoWall used different methods to gain access to your system, they had the same goal: to get you to pay a ransom to unlock your files. At this writing, Locky is using an email attachment of an invoice as its entry point, but the delivery will certainly change as the threat evolves. After you click on the invoice, the view looks scrambled and you are prompted to Enable Macros. Once you do that, Locky executes and encrypts your files. Locky has some additional attack strategies not seen in previous crypto-type attacks. Here are two links if you want to read more: Locky Information from Bleeping … [Read more...]

Microsoft Calling – Your Computer Needs Help!

The day is going well. You answered all your email and now you’re working on a presentation for next week. The computer seems a little slow, but it’s a large file. The phone rings … “Hello! This is Jake from Microsoft and we have been alerted that you have a virus on your system. I would like you to go to: http://www.#@$!.com (this is not a real website) and put in this code so that I can help.” Stop! It’s a scam. Shortly after you allow them to log in, they will be asking for your credit card number. You will be a victim. Don’t engage them, just hang up. You will never receive a legitimate, unsolicited call from Microsoft or its partners to charge you for computer fixes. Even if you became suspicious and did not provide your credit card, if you allowed them access to your system, you must: Change your passwords. Change the password on your email, bank and other critical … [Read more...]

The Internet of Things and Baby Monitors

It is reassuring to know that you can use a baby monitor to keep an eye on your child from anywhere.  Or is it? The Internet of Things is created by devices that inventory, capture and record everything in our world and make that information available electronically anywhere - anytime.  Devices, like baby monitors, that provide information through an Internet connection have seen fast growth. The convenience they offer is attractive.  But what if the security they provide is lacking? Recent accounts have shown many baby monitors have security holes.  There have been a couple of reports where the hacker got into the monitor and did some very inappropriate and disturbing things.  It is impossible to know why hackers do what they do or understand how someone could be so crude, but the important lesson is that you have to be vigilant and protect yourself. There are so many … [Read more...]

Update on Crypto Threats

Whether CryptoLocker, CryptoDefense, CryptoWall or another Crypto-Threat, they encrypt your files and demand a ransom to decrypt them. As each new Crypto-Threat is released, it has new characteristics to avoid detection and cause more damage. For instance, the types of files that it encrypts have grown and the ransom demands have become more sophisticated. Early versions had an expiration date beyond which you could not retrieve your files. Newer versions raise the ransom as time goes by, and there have even been reports of victims negotiating payment with the cyber criminals. As the extortion becomes bolder, victims are hit harder and have to pay more. Bitcoin has become the ransom payment currency of choice, causing speculation that this could damage the Bitcoin brand. The attacks hit the US hardest even though ransom payment had greatly declined. As Crypto-Threats have … [Read more...]

CryptoLocker – Finally some good news

CryptoLocker has been causing havoc with computer users across the globe. It infects your computer, encrypts your files and then demands money to unlock them. Paying the ransom is never recommended, but many paid because they had no way to restore their irreplaceable files. Of course, the best defense is a good backup. Have to say it again - you should have a good offline, offsite backup. (See the next article for an easy-to-implement backup strategy.) It is the best defense for all types of disasters. But if you didn't have a backup, you either paid the ransom or suffered without your files. Today, there is hope. The incredibly smart and dedicated folks at FireEye and Fox-IT have a decryption tool. The tool runs at the DOS prompt, so you have to have some understanding of command syntax to run it. We downloaded the tool and successfully decrypted an entire filesystem that … [Read more...]