Skip to main content
Uncategorized

WARNING – cryptolocker virus – make sure you have good backups

By October 24, 2013October 31st, 2014No Comments

There have been lots of false computer virus warnings (hoaxes) through the years, so whenever a friend forwards you a warning it’s a good idea to check it out.  snopes.com does a great job of this. In this case the virus warning is real and you can verify that here:

http://www.snopes.com/computer/virus/cryptolocker.asp

 

In this case, the virus is real and is bad enough that I’m warning everyone so you can try to be more careful on your home computers.  If you have a business, you should also make sure your backup system is working, but there are other things we can do to protect your network.  For more information, please contact me.

 

What the cryptolocker virus does is encrypts all your files. (photos, documents, etc.) Then it asks you to pay about $300 for the password to decrypt them.  You have 36 hours to do it or they walk away.  What makes this virus different than other viruses, is even professionals can’t get the files back without cleaning up after the virus and then restoring your files from backup.

cryptolocker

With that said, I strongly recommend an online backup for home users.   One is: http://www.carbonite.com/online-backup   If you are backing up to a USB hard drive, this virus searches for drives and even network drives and encrypts those files as well.

 

This virus infects computers by tricking users to open an attachment to an email.  They trick you by sending you an email that says something like there was a suspicious charge made to your credit card and if you would like to dispute the charge, you should open the attachment.  Don’t open attachments in emails that you weren’t expecting.  If you have any doubts, please don’t open it.

 

The second way this virus has been infecting computers is through what’s called a “drive by download.”  Basically the virus writers will buy ad space on legitimate websites (Syracuse.com had this problem some years ago) and when your computer goes there it will search for an old version of java.  So even if you have the latest version of java installed, if you left an old version behind, it will look for the old one with the vulnerability and try to infect your machine.  I would recommend going to control panel -> programs and features look for java and uninstall any version older than Version 7 update 45. (as of 10/24/2013 this is the current version.)  If you’re unsure just uninstall all versions of java.

Edit: You can now go to java.com and check to see if you have java installed AND check for old versions.  Just go to:

http://java.com/en/download/installed.jsp

When that page loads, click on the button that says “Verify Java version”

doIhaveJava

You may be prompted with a confirmation to run Java.  This is expected, so click “Run.”

runapp

If you have the current version, you will get a message like the one below.  Don’t stop there.  Click the link that says “checking for old versions of Java and removing them using the Java uninstall tool.”

check-old-versions

Hopefully you’ll get a message like the one below saying that everything is current.  If there are old versions, follow the instructions on removing them.

no-old-versions

Between keeping your system up to date, and making sure you have a good backup of your system, you should have a reasonable amount of protection and safety from losing your important files to this virus.