NEW 2014 RANSOMWARE WARNING!!
ALICOM has received reports of increased activity concerning an apparent new Ransomware called Prison Locker.
Ransomware is one of the most blatant and obvious money-making schemes used by cyber criminals. Most people first learned about ransomware when Cryptolocker came into play. By the time readers were becoming aware of ransomware, the Cryptolocker threat had peaked and other money-motivated cyber criminals had started developing their own Cryptolocker versions.
Prison Locker is the new 2014 version that may be spreading soon. Prison Locker uses Blowfish encryption to encrypt all available files on the victim’s hard disk and shared drives except .exe, .dll, .sys, and other system files. During encryption it generates a unique Blowfish key for each file and then encrypts those keys further with RSA-2048 encryption. It then sends the victim’s system information back to the attacker’s command-and-control center.
The command-and-control center allows an attacker to set the ransomware warning time duration, ransom amount, and payment mode, and also allows decrypting the files on the victim’s system after payment is received. The additional features added to Prison Locker include the following:
- The malware is able to detect virtual machine, sandbox, and debugging environments.
- It disables the Windows key and Escape key to prevent unwanted user actions.
- It can also kill the taskmgr.exe, regedit.exe, cmd.exe, explorer.exe, and msconfig.exe processes to prevent unwanted user actions.
- The malware can start up in both regular boot mode and safe boot under HKCU.
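An added example (not part of the original advisory and not ALICOM's tooling) of detection logic for the process-killing behaviour listed above: it flags any program that opens several of those tools with terminate rights in a short span. It assumes process-access events with Sysmon Event ID 10 style fields (UtcTime, SourceImage, TargetImage, GrantedAccess); the sample events, paths, thresholds, and function names are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Tools the advisory says Prison Locker kills to block user intervention.
WATCHED = {"taskmgr.exe", "regedit.exe", "cmd.exe", "explorer.exe", "msconfig.exe"}
PROCESS_TERMINATE = 0x0001  # Windows access right required to terminate a process

def basename(path):
    return path.rsplit("\\", 1)[-1].lower()

def find_tool_killers(events, min_targets=3, window=timedelta(seconds=60)):
    """Map each source image to the watched tools it opened with terminate rights,
    if it hit min_targets distinct tools within one window (assumed defaults)."""
    by_source = defaultdict(list)
    for ev in events:
        target = basename(ev["TargetImage"])
        if target in WATCHED and int(ev["GrantedAccess"], 16) & PROCESS_TERMINATE:
            ts = datetime.strptime(ev["UtcTime"], "%Y-%m-%d %H:%M:%S")
            by_source[ev["SourceImage"].lower()].append((ts, target))
    alerts = {}
    for source, hits in by_source.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:  # slide window forward
                start += 1
            seen = {name for _, name in hits[start:end + 1]}
            if len(seen) >= min_targets:
                alerts[source] = sorted(seen | set(alerts.get(source, [])))
    return alerts

def _ev(time, source, target, access):
    return {"UtcTime": "2014-01-10 " + time, "SourceImage": source,
            "TargetImage": "C:\\Windows\\System32\\" + target, "GrantedAccess": access}

# Constructed sample events (hypothetical paths, not real telemetry).
SUSPECT = "C:\\Users\\demo\\AppData\\Roaming\\sample.exe"
SAMPLE_EVENTS = [
    _ev("09:00:01", SUSPECT, "taskmgr.exe", "0x1"),
    _ev("09:00:02", SUSPECT, "cmd.exe", "0x1"),
    _ev("09:00:03", SUSPECT, "msconfig.exe", "0x1fffff"),
    _ev("09:00:04", "C:\\Windows\\explorer.exe", "cmd.exe", "0x1410"),  # no terminate right
    _ev("10:00:00", "C:\\Tools\\admin.exe", "taskmgr.exe", "0x1"),     # spread over hours
    _ev("12:00:00", "C:\\Tools\\admin.exe", "msconfig.exe", "0x1"),
    _ev("14:00:00", "C:\\Tools\\admin.exe", "cmd.exe", "0x1"),
]
if __name__ == "__main__":
    for source, tools in find_tool_killers(SAMPLE_EVENTS).items():
        print("ALERT:", source, "opened for termination:", ", ".join(tools))
```

Only the constructed sample.exe source is reported; the source that touches the same tools hours apart and the handle opened without terminate rights are ignored.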
Users who are infected with the malware should contact ALICOM to assist in removing the malware, or to perform a clean re-installation of their OS after formatting their computer’s hard drive.
Key Methods to help protect your information:
- Know your source: understand what you are putting on your computer.
- If it looks suspicious, do NOT open it. If you are not expecting an email attachment, then do NOT open it. Many viruses are being spread as .zip attachments. If you are not expecting a .zip file from someone, do NOT open it.
- Keep files saved on your network server and not on your computer.
- Keep additional backups of your server's data. Verify backups are not failing.
- Have anti-virus and anti-malware installed and updated on computers and servers.
- Keep all computers and servers updated with the latest security updates.
- If you have any concerns, please contact your IT department.
ALICOM offers 24/7 Network, Anti-virus, and Backup monitoring services. Contact us!