I've have just received a computer virus warning and it sounds quite nasty, so I thought I would share it. Warn your DCs to be extra careful when they are surfing the net. Please see the details below:
A new version of malware, known as Locky Ransomware, is spreading quickly. Ransomware is a malicious software that denies you access to your computer or files until you pay a ransom. The malware encrypts files on your computer and may lock your screen, making your computer completely useless and inaccessible.
This particular malware works as follows:
1. You receive an e-mail containing an attached Microsoft Word file, claiming to be an invoice that requires a macro (Note: Microsoft has disabled Macros are disabled by default by Microsoft due to the security dangers. Users get a warning if a document contains one).
2. If you enable the macro, it will download and install Locky on your computer. Locky will encrypt files on your computer, as well as any files found on network shares, even ones that are not locally mapped on your machine.
3. If your try to access files, you will be asked to pay a ransom to unlock them.
Presently, there is no known way to break the encryption, used by the Locky virus, and recover the files. If you have enabled the macro you may have lost your information permanently.
Locky Ransomware is a high severity infection and because of this, you are requested to follow the below listed safe-computing practices, diligently:
1. Do not click on unsolicited web links in email messages.
2. Use caution when opening email attachments. Be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content. Unless you are absolutely sure that it is a genuine email from a trusted source, do not enable macros. Instead delete the email immediately.
3. Maintain up to date anti-virus software.
4. Regularly check if PC backup has completed its daily back up routine. If your computer becomes infected, your files can be restored from the latest backup once the malware has been removed.
5. Keep your system up to date by regularly installing the latest software patches.