Be very careful in opening up any attachment as most report that it was an attachment to an Australia Post, Australian Federal Police, FedEx or UPS shipping notice or a Banking email.Once infected, you will get a popup saying your files are encrypted and demanding a ransom to get them back.
Be careful opening attachments claiming to be from these companies.
The virus comes in through users clicking on shipping email attachments that are actual viruses or through attacks that utilise exploiting older vulnerable java.
The attack then installs without administrator rights on the system and begins to attack and go after its real payload: Your key files.
- It will look for any Office or Database file and encrypt it.
- It will also search out across a network for any file on the network that is also an Office or Database file and encrypt it as well.
It will then throw up a message on the screen asking for payment to decrypt the files.
Currently it is difficult to prevent this with a mere antivirus and post infection.
It cannot be cleaned up with the normal tools such as malwarebytes or your normal antivirus tools.
What to do if you are infected by this very deadly virus.
- Disconnect the infected computer from the network. Easiest way is to pull out the network cable.
- Do not pay money to get your files back.
- Call CBM Corporate IT support on 9260 9048.
- Schedule regular backups.
- Don’t open suspicious emails.
- Instigate a disaster recovery plan.
If you would like some advice please call CBM Corporate IT support on 9260 9048.
Related Tags: Perth IT Services