02/26/2016

The Ugly Truth About "Ransomware"





On Feb 18, the entire computer system at Hollywood Presbyterian Medical Center was locked and held for ransom.

The hackers, who easily infiltrated the hospital's system, locked and encrypted all of the hospital's medical files and computers, making it impossible to work and help patients. The hackers demanded $17,000 to unlock the hospital's computer system. The hospital staff had to resort to pen and paper to get anything done, and many critical patients had to be diverted to other hospitals for care.

And if you think you're not vulnerable to ransomware attacks, think again:

The Locky ransomware can be targeted at anyone, anytime. Whether you're a big company or a single person, Locky makes it incredibly easy to infect and hold your PC... or many PCs... for ransom. Local resident Brandi C. was hit by Locky at home.


Brandi had to pay $300 to the hackers so they would unlock and release her computer back to her.



How Does This Happen?

The Locky ransomware is spread primarily through emails. Proofpoint CEO Gary Steele says their security firm saw 10 million messages go out in one day that contained the Locky ransomware.


Locky is typically delivered via email as an attachment. By clicking open a simple Word document attached to your email, you could instantly infect your system with Locky. Your entire computer would then be locked and encrypted with a demand from the hackers to pay hundreds or even thousands of dollars to unlock your computer.

How To Avoid Locky and Other Ransomware

  1. Don't click on suspicious links or attachments in your emails. If you get an email from someone you don't know that has an attachment, you have two options:

    1. Delete the email immediately without opening. This is your best and safest option.

    2. Use your antivirus software to scan the file before opening it (most antivirus software has a feature that lets you right-click a file and scan it). Caution: be extremely careful that you don't actually double-click to open it. If you do, you could instantly infect your PC. If you do get infected with Locky or any ransomware, try The FixMeStick to get rid of it.

  2. Back up all your data regularly. If you're not already backing up your files... you should be. Good backup software is a critical piece of online security that many people overlook. Back up always and often.

  3. Be sure you have a good antivirus or Internet Security software installed. We say it over and over, but people still get hit with ransomware and other malware all the time because they have poor antivirus software. A good antivirus program will scan attachments before they can do any damage.
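As an added illustration of the attachment advice above (this is not code from this post), the Python below lists the attachments of a saved email and flags Word documents by file name and by content, without ever opening them. The function names and the sample message are constructed for the example, and the check for an embedded macro project goes beyond what the post describes.

```python
import hashlib
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.dot container
ZIP_MAGIC = b"PK\x03\x04"                      # .docx/.docm are ZIP archives
WORD_EXTS = (".doc", ".docx", ".docm", ".dot", ".dotm", ".rtf")

def classify(name, data):
    """Reasons to scan an attachment first, from its name and raw bytes only."""
    reasons = []
    if (name or "").lower().endswith(WORD_EXTS):
        reasons.append("word-extension")
    if data.startswith(OLE_MAGIC):
        reasons.append("ole-container")  # Word content even if renamed
    elif data.startswith(ZIP_MAGIC):
        try:
            names = zipfile.ZipFile(io.BytesIO(data)).namelist()
        except zipfile.BadZipFile:
            return reasons + ["corrupt-zip"]
        if any(n.startswith("word/") for n in names):
            reasons.append("ooxml-word")
        if any(n.lower().endswith("vbaproject.bin") for n in names):
            reasons.append("contains-macros")  # extra check, not from the post
    return reasons

def triage(raw_message):
    """List every attachment of a raw email with its hash and reasons."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    report = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        report.append({"filename": part.get_filename(),
                       "sha256": hashlib.sha256(data).hexdigest(),
                       "reasons": classify(part.get_filename(), data)})
    return report

def build_sample():
    """Constructed sample: an email with a fake .docm (placeholder bytes only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/document.xml", "<w:document/>")
        z.writestr("word/vbaProject.bin", b"placeholder")
    msg = EmailMessage()
    msg.set_content("Please see attached.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="invoice.docm")
    return msg.as_bytes()
```

Calling `triage(build_sample())` returns one entry for `invoice.docm`; any attachment with a non-empty `reasons` list is a candidate for deletion or an antivirus scan before anyone opens it.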

 

In the end, the hospital paid the $17,000 ransom to get their files back. They panicked because they felt they had no other choice. They should've trained their staff to better identify suspicious email attachments, and they should've had better antivirus software running.

And Brandi, like thousands more like her, was an innocent bystander who got hit with this devious malware... and you could be too. Be alert when you're online just like you would in a bad part of town. Keep your eyes and ears open and don't be too quick to click.

11/28/2015

Emsisoft Tool to Decrypt DecryptorMax


Softpedia has a nice write-up on the new Emsisoft tool to decrypt the DecryptorMax ransomware (aka CryptInfinite).

This tool is great news for the good guys and for the consumers who've been affected by this scumware.

If your PC is infected with this malware, you can download decrypt_cryptinfinite.exe (the decryption tool) from Emsisoft here:

http://emsi.at/DecryptCryptInfinite

And, as to how to use it, the fine folks at BleepingComputer.com have a tutorial on using the CryptInfinite / DecryptorMax decryption tool.