18 March 2016
We have become aware of a new variant of the Cryptolocker malware that’s particularly nasty and is currently doing the rounds. Please copy this to anyone you feel will benefit from this heads up.
- The malware is arriving via email in the form of a Word Document claiming to be an Invoice.
- On opening the document a macro infects your PC, removes all security copies (shadow copies and restore points) and starts encrypting files.
- The malware will encrypt all files it can see – (so all files on your local PC, all network files), and very quickly.
- These files will be unusable and the only way to recover the files from this encryption is to either pay a ransom (approx. US$1000), or restore from backup.
A more thorough explanation is available at:
or just google ‘Cryptolocker Locky’
We cannot stress enough:
- Do not open emails or email attachments from people you do not know, or from emails you were not expecting.
- If in doubt, ask someone else, and if you are still in doubt contact Caduceus and we will investigate.
- These malware attacks are incredibly hard to detect and stop. Virus scanners currently do a poor job of detecting these types of attacks because the malwares actions look very similar to actions you or I might perform on the computer.
If you would like to discuss any of the above please contact Caduceus Support (email@example.com)