Cryptolocker Outbreak

Mar 18

18 March 2016

We have become aware of a new variant of the Cryptolocker malware that’s particularly nasty and is currently doing the rounds. Please copy this to anyone you feel will benefit from this heads up.


  • The malware is arriving via email in the form of a Word Document claiming to be an Invoice.
  • On opening the document a macro infects your PC, removes all security copies (shadow copies and restore points) and starts encrypting files.
  • The malware will encrypt all files it can see – (so all files on your local PC, all network files), and very quickly.
  • These files will be unusable and the only way to recover the files from this encryption is to either pay a ransom (approx. US$1000), or restore from backup.

A more thorough explanation is available at:
or just google ‘Cryptolocker Locky’

We cannot stress enough:​

  • Do not open emails or email attachments from people you do not know, or from emails you were not expecting.
  • If in doubt, ask someone else, and if you are still in doubt contact Caduceus and we will investigate.
  • These malware attacks are incredibly hard to detect and stop. Virus scanners currently do a poor job of detecting these types of attacks because the malwares actions look very similar to actions you or I might perform on the computer. 
  • Relying on your virus scanner to prevent these attacks is not recommended!

If you would like to discuss any of the above please contact Caduceus Support (

Remote Support