New phishing threat: Ransomware

Miami faculty, staff and students should think twice before opening any email links or attachments - including voice mails - unless they are sure who sent the message and that it is legitimate. Miami's IT services warns that a new malware called CryptoLocker is spreading around the Internet and, although university technicians have not had any confirmed infections at Miami, activity that looks very similar has been seen on the Miami network.

If your computer becomes infected, the virus holds every file for ransom. You are required to pay $300 in bitcoins to the hacker responsible for the infection within 100 hours, or your files will be lost forever.  Bitcoins are a virtual currency used to protect the perpetrator’s anonymity.

CryptoLocker is spread through phony emails designed to look like they're from legitimate businesses, like fake FedEx and UPS tracking notifications or voice mail files. Once opened, CryptoLocker installs itself in the “Documents and Settings” folder, scans the hard drive and encrypts certain file types, including documents associated with Microsoft Word and Adobe Photoshop. CryptoLocker then launches a pop-up window with the 100-hour countdown and provides details on how to pay the ransom.

If the ransom is paid before the deadline, a key is given to decrypt the files. If not, the key is destroyed and the files are effectively lost forever.

Miami information security engineers are working to find or catch messages carrying the CryptoLocker virus before it reaches computers on Miami’s network. However, like all phishing, the most important information security is smart people, vigilant about their security online. Always double-check the legitimacy of links received in emails and social media messages. 

If your computer is infected, contact the IT Support Desk immediately.

ITHelp@MiamiOH.edu

(513) 529-7900

For more about CryptoLocker see: Cryptolocker virus new malware holds computers ransom.