RansomFree – A New Tool For Ransomware

““RANSOMWARE IS EASY TO UNDERSTAND BUT HARD TO BEAT. IT INFECTS THE MACHINE, ENCRYPTS ALL FILES AND THEN DEMANDS PAYMENT TO GET THE FILES BACK. RANSOMWARE WORKS SO WELL THAT MOST VARIANTS WILL EVEN REMOVE THEMSELVES WHEN THE DAMAGE IS DONE, KNOWING YOU HAVE THE CHOICE OF EITHER PAYING THE RANSOMWARE AUTHOR TO GET YOUR FILES BACK, OR RISK LOSING THEM FOREVER.”” — — HTTPS://BLOG.MALWAREBYTES.ORG/NEWS/2016/01/INTRODUCING-THE-MALWAREBYTES-ANTI-RANSOMWARE-BETA/ RansomFree is a new piece of software that promises to keep you safe from Ransomware which many businesses and home owners still get after clicking a link in an email. The vast majority of antivirus solutions fail in protecting you from Ransomware. RansomFree will block suspicious activity. RansomFree will prompt you before your files are encrypted, asking you to allow it to stop the offending process and clean the threat from your machine. Please remember you still need an antivirus and do not click on links you do not know.

Continue Reading

Cryptolocker Update – It Is Still A Big Issue

I am still seeing a lot of people fall for Cryptolocker through clicking emails that will cause it to run through their computer and infect any drives that are attached. Do not fall for the: Australia Post email Banking Emails Telstra Emails saying you will get a refund AGL Invoices Fictitious invoices and statements I am also seeing people who are saying that they have had their computer cleared of Cryptolocker ( they do not get their files back btw ) by running an antivirus solution through it. Let me emphasize : If you have been infected with Cryptolocker it is the ” scorched earth policy “, your computer has to be wiped back to factory settings and all drives on that machine have to be wiped , you then need to reinstall from a known good copy of Windows. You can then put your programs back. An antivirus solution can leave remnants behind. If you do not have a backup of your data ( you really should ) and decide to pay the ransom , there is no guarantee that you will get the decryption key back to get access to your files. If you do get it back… Read More

Continue Reading

Telstra – AGL- Cryptolocker Email Examples

People in Adelaide have fallen for these emails which purportedly come from AGL & Telstra (they do not ) . By clicking on the links you will be infected with Cryptolocker. I have been swamped with calls since these emails have started to arrive on computers. If you get any of these emails just delete them as clicking the links will result in your drives being encrypted and a ransom asked for the encryption key. More information on Cryptolocker can be found here  , including how to prevent it , but remember to have an offline backup. Ransomware – Cryptolocker – It Is Getting Worse

Continue Reading

Can You Prevent Cryptolocker From Infecting Your Computer

Cryptolocker is still infecting and encrypting hard drives on a regular basis. I have written articles on Cryptolocker previously.  Ransomware – Cryptolocker – It Is Getting Worse Cryptolocker – Could You Get It Can You Prevent It Can you stop it running through a software solution ? Try CryptoPrevent  and or Malwarebytes Prevention but there is no long-term guarantee these will continue working as the Crypto variants are continually evolving.  You need to backup and my strong advice is a regular offsite backup that is not connected to your computer  Stop opening emails that are not meant for you. I would also route your email through Gmail as Google appear to be doing a good job at flagging these emails that are causing computers to be infected.

Continue Reading

Ransomware – Cryptolocker – It Is Getting Worse

“Ransomware is easy to understand but hard to beat. It infects the machine, encrypts all files and then demands payment to get the files back. Ransomware works so well that most variants will even remove themselves when the damage is done, knowing you have the choice of either paying the ransomware author to get your files back, or risk losing them forever.” — https://blog.malwarebytes.org/news/2016/01/introducing-the-malwarebytes-anti-ransomware-beta/ Normal 0 false false false EN-US X-NONE X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:”Table Normal”; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:””; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin-top:0cm; mso-para-margin-right:0cm; mso-para-margin-bottom:6.0pt; mso-para-margin-left:0cm; line-height:107%; mso-pagination:widow-orphan; font-size:15.0pt; font-family:Calibri; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; color:#595959; mso-themecolor:text1; mso-themetint:166; mso-fareast-language:JA;}What you need to do – backup is number 1 as , if you become infected the scorched earth policy takes place – your computer will have to wiped back to factory settings and reloaded from a known good copy of Windows. Try and also have a backup that is done on a regular basis but is not connected to the computer on a permanent basis. If you fall victim you will have lost access to everything – its encrypted and you will need the key to unencrypt it ( that’s why you pay the ransom )… Read More

Continue Reading

Cryptolocker – Could You Get It & Can You Prevent It

Cryptolocker is a ransomware trojan that targets windows computers and is activated and run when people click and run an infected email attachment. The most common one in Australia is the Australia Post email attachment  After clicking this link your files will be encrypted ( you cannot access your files unless you have the encryption key ) and you have choices: Pay the ransom – only and only if you have not backed up and there is NO guarantee you will get the key to open your files Wipe your computer and reinstall from a known good copy of Windows , this will have to be done even if you pay the ransom and get access to your files  Restore your files from a backup ( you do backup, dont you ) after you have wiped your computer and reinstalled from a known good copy of Windows  Can you STOP your computer getting Cryptolocker ? Yes with two choices You can run Cryptoprevent , there is a FREE edition There is information on the new Malwarebytes AntiRansomware software which you can download from here Malwarebytes AntiRansomware software

Continue Reading

Cryptolocker – Torrentlocker – Do Not Fall For Them

v:* {behavior:url(#default#VML);} o:* {behavior:url(#default#VML);} w:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} Normal 0 false false false false EN-US JA X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:”Table Normal”; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:””; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:12.0pt; font-family:Cambria; mso-ascii-font-family:Cambria; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Cambria; mso-hansi-theme-font:minor-latin; mso-ansi-language:EN-US;}New versions of Cryptolocker ( Torrent Locker ) are alive and well – I have seen 2 businesses  fall victim to these in the last few weeks – 1 had NO backup and 1 fortunately did. Cryptolocker / TorrentLocker will install on your computer when you “ click ‘ to open an attachment in an email ( usually a ZIP file ) and it will install and gradually “ encrypt “ EVERYTHING on your hard drive. You will then be unable to open any files You will see instructions about how to get the encryption key if you pay the ransom ( maybe is the big word here ) What are your options ? ·       Pay the ransom and hope you get the key allowing you access to your files ·       Restore from backup and wipe your computer Either way your computer will have to wiped and restored from a known good copy of windows. To stop it… Read More

Continue Reading

TorrentLocker – Ransomware & A Great Travel Site

v:* {behavior:url(#default#VML);} o:* {behavior:url(#default#VML);} w:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} Normal 0 false false false false EN-US JA X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:”Table Normal”; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:””; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:12.0pt; font-family:Cambria; mso-ascii-font-family:Cambria; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Cambria; mso-hansi-theme-font:minor-latin; mso-ansi-language:EN-US;}New versions of crypto locker ( Torrent Locker ) are alive and well – I have seen 2 businesses lose everything in the last few weeks – they had no backups TorrentLocker will install on your computer when you “ click ‘ to open an attachment in an email and it will install and gradually “ encrypt “ EVERYTHING on your hard drive. You will see instructions about how to get the encryption key if you pay the ransom ( maybe) What are your options ? ·       Pay the ransom and hope you get the key ·       Restore from backup and wipe your computer Either way your computer will have to wiped and restored from a known good copy of windows. To stop it running you should download CryptoPrevent which should stop it running and is currently your best choice.Please note there can be no guarantee on this software. CryptoPrevent But Wait There’s More: There is a new version… Read More

Continue Reading