Ransomware Removal Tool

Your First Step: Do You Have Ransomware? If So, What Kind?

Widespread ransomware viruses include: Xorist, CryptorBit,CryptoLocker, Locky (often targeted at hospitals) and Samas.

You may need a ransomware removal tool if your computer shows a threatening message such as:

· “Your computer has been infected with a virus. Click here to resolve the issue.”

· “Your computer was used to visit websites with illegal content. To unlock your computer, you must pay a $100 fine.”

· “All files on your computer have been encrypted. You must pay this ransom within 72 hours to regain access to your data.”

Microsoft has a good resource describing what ransomware looks like and ransomware removal tool. Visit here

If you think you've got ransomware, visit the official US CERT ransomware page here

Monday, July 3, 2017

Pharma Giant Hit By Ransomware

"Merck, a U.S.-based pharmaceutical giant, was among dozens of businesses affected by a sprawling cyberattack Tuesday, with victims across the globe facing demands to hand over a ransom or have their computer networks remain locked and inaccessible."

Saturday, April 30, 2016

New FBI Recommendations on Ransomware Response, Ransomware Removal and Ransomware Prevention

Don't pay a ransom, urges the FBI. “Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals," says an FBI official

Instead the FBI recommends better ransomware prevention, such as employee training (pay special attention to spear phishing) and technical prevention tools, along with a good business continuity plan.
See the April 2016 update here

Friday, April 29, 2016

Ransomware Hits Michigan Utility

"Recently, the American public utility Lansing Board of Water & Light (BWL) has announced that the company has become a victim of Ransomware attack that knocked the utility's internal computer systems offline:" reports Hacker News here

The FBI is assisting the utility, which says none of its 96,000 customers has lost personal information in the attack. The specific type of ransomware and ransomware removal tool, if any, involved in the response has not been revealed by authorities.

Protect Yourself from Ransomware: FBI Tips

- Make sure you have updated antivirus software on your computer.

- Enable automated patches for your operating system and web browser.

- Have strong passwords, and don’t use the same passwords for everything.

- Use a pop-up blocker.

- Only download software—especially free software—from sites you know and trust (malware can also come in downloadable games, file-sharing programs, and customized toolbars).

- Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited e-mail, even if you think it looks safe. Instead, close out the e-mail and go to the organization’s website directly.

- Use the same precautions on your mobile phone as you would on your computer when using the Internet.

- To prevent the loss of essential files due to a ransomware infection, it’s recommended that individuals and businesses always conduct regular system back-ups and store the backed-up data offline.