Sign up to save your podcasts
Or
Share Cyber Terrorist LOCKY Virus Wipes Our Data
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Cyber Terrorist LOCKY Virus Wipes Our Data
My Services And Free Downloads: http://goo.gl/dOJjWW
The LOCKY Virus. Couple weeks ago we got a variant of the LOCKY virus and I was able to successfully recover the data at that time. At the time it was not called the LOCKY virus. At that time it really didn't have a name. But this time around it essentially was the exact same script that was executed from a Microsoft Word document. This script goes out and rewrite all of the primary files users have historically interacted with as well as standard files such as PDF, Excel, Word, PowerPoint, etc.… now this is not a standard rewrite, it is actually a crypto encryption. This essentially means that it has Pentagon level security that you will never be able to get through on your own unless you go to the cyber terrorist and pay them a fee.
From what I understand if you pay the fee they will actually give you the results you need. The problem is that the result cannot be shared with anyone else because it requires a unique identifier associated with your file encryption on your machine at the time of encryption. I'd be impressed at the quality of this script if I weren't so annoyed at the people who wrote it. Given that two weeks after the first time someone in our office got infected I received a variant in the form of an invoice this leads me to believe that there will be a number of variants moving forward before this script has ran it's course.
As far as I can tell the only precaution you can really take is making sure that the macro security on all of your Microsoft office Products are enabled. This is technically not a virus, is a script that is executed upon opening a office document. As a result most antivirus offer will not catch it at this time. Everyone should also be considering making a major backup of all of the critical system files. As a standard it's best to use what's called a 321 back up. Three backups total, two locally on an external Drive or some other media and one offsite on a service such as Carbonite or Amazon S3.
I would encourage anybody who got infected with the virus not to pay up unless they absolutely have no other choice. While I have confirmed that a number of people have actually recovered their data through paying, it is essentially supporting cyber terrorism. We have no idea what that money is funding. For all we know it could be a 16-year-old kid living in his mother's basement… But it could also be terrorist organizations funding military warfare.
That's all I have for today! Thanks for stopping by and don't forget to subscribe.
View all episodes
My Services And Free Downloads: http://goo.gl/dOJjWW
The LOCKY Virus. Couple weeks ago we got a variant of the LOCKY virus and I was able to successfully recover the data at that time. At the time it was not called the LOCKY virus. At that time it really didn't have a name. But this time around it essentially was the exact same script that was executed from a Microsoft Word document. This script goes out and rewrite all of the primary files users have historically interacted with as well as standard files such as PDF, Excel, Word, PowerPoint, etc.… now this is not a standard rewrite, it is actually a crypto encryption. This essentially means that it has Pentagon level security that you will never be able to get through on your own unless you go to the cyber terrorist and pay them a fee.
From what I understand if you pay the fee they will actually give you the results you need. The problem is that the result cannot be shared with anyone else because it requires a unique identifier associated with your file encryption on your machine at the time of encryption. I'd be impressed at the quality of this script if I weren't so annoyed at the people who wrote it. Given that two weeks after the first time someone in our office got infected I received a variant in the form of an invoice this leads me to believe that there will be a number of variants moving forward before this script has ran it's course.
As far as I can tell the only precaution you can really take is making sure that the macro security on all of your Microsoft office Products are enabled. This is technically not a virus, is a script that is executed upon opening a office document. As a result most antivirus offer will not catch it at this time. Everyone should also be considering making a major backup of all of the critical system files. As a standard it's best to use what's called a 321 back up. Three backups total, two locally on an external Drive or some other media and one offsite on a service such as Carbonite or Amazon S3.
I would encourage anybody who got infected with the virus not to pay up unless they absolutely have no other choice. While I have confirmed that a number of people have actually recovered their data through paying, it is essentially supporting cyber terrorism. We have no idea what that money is funding. For all we know it could be a 16-year-old kid living in his mother's basement… But it could also be terrorist organizations funding military warfare.
That's all I have for today! Thanks for stopping by and don't forget to subscribe.