We have a brand new updated website! Click here to check it out!

New Virus Holding Computers Ransom

Ellis County High Technology Unit LogoThe Ellis County High Technology Unit is warning residents about a new cyber threat being called ransom-ware.  According to Bradley R. Ricke, Ellis County High Technology Crime Unit Investigator, the virus is being distributed via email right now, and while there aren’t any reported cases in Ellis county, occurrences nationwide are growing and spreading.

Ricke said that this virus is similar to others: an email claiming to be from a financial institution is sent out containing a link leading to a malicious site.  Once a user clicks the link, the website downloads a virus to the computer with the intent of damaging components and stealing personal information.  However, this fairly new threat is a little different.

The virus encrypts personal files such as pictures and music that are typically harder to replace.  Once the virus encrypts those files, users are given a certain amount of time to enter payment information in a pop up box, thus holding the encrypted files ransom.  If the time frame passes, the virus deletes all files that have been encrypted.

“Once it installs, it will encrypt parts of their hard drive, specifically the My Documents folder.  It can even encrypt external drives and USB drives that are plugged in” said Ricke.  “A lot of folks will have their cloud storage with backup documents running in the background, so theoretically they could get your backup too.”

Ricke added that if the virus is coded to encrypt data where personal files are saved by default, programs such as the Cloud or Dropbox that synchronize multiple computers to one central folder or location could pose a larger problem. Such programs, when they recognize a file has been changed, will automatically update and re-sync with the computer.  If given enough time for files to be uploaded to those services, the encryption could easily pass from one machine to another.

Ricke said that anyone who believes he/she has downloaded such a virus should unplug the computer or take the battery out right away.  Don’t boot the computer back up.  Instead, take the computer to an IT professional.

He also said that anti-virus may be effective in catching the virus before it damages the system, but as this is a new type of attack, software companies have to react and work on releasing updates that address this particular type of threat.

The best way to avoid the virus according to Ricke is to never click links in emails asking for personal information.  Instead, anyone who receives an email claiming to be from his or her financial institution (bank, lender, etc is advised to call the number on the company’s website to communicate with staff directly.

Copyright Eagle Radio | FCC Public Files | EEO Public File