Locky Ransomware

Be on the lookout for a new ransomware called Locky. This ransomware encrypts your data using AES encryption and then forces you to pay 0.5 bitcoins to decrypt your data. It targets many different file types and it not only encrypts your network shares but on unmapped drives too.

Once the file is run it then encrypts your files and will then prompt you with the following pages

How to Prevent Locky Ransomeware

Backup regularly and keep a recent backup copy off-site. Use a online service like Crashplan or some other off-site backup service that takes your data offsite from your computer. This particular virus targets any drives attached to the PC which can be a USB backup drive.

Don’t enable macros in document attachments received via email. Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure. A lot of malware infections rely on persuading you to turn macros back on, so don’t do it!

Be cautious about unsolicited attachments. As always be cautious opening emails that look suspicious or your werent expecting. Not only in opening attachments but also in opening links contained in the website. If your not sure you can always forward the email to support@allstarit.com.au and we can advise you if its clean or to avoid it.

Remove Local Admin Rights. Some users have administrator rights to the PC and if comprimised this gives the hacker access to everything. Give yourself only the access you need and prompt for administrator rights when required. This will keep the bad guys out and hopefully protect your pc from running malicious stuff.

Patch early, patch often. Malware that doesn’t come in via document macros often relies on security bugs in popular applications, including Office, your browser, Flash and more. The sooner you patch, the fewer open holes remain for the crooks to exploit. Using a service like Tech Guard keeps your PC regularly up to date which keeps the bad guys from using the exploits on your pc.