Tuesday, 10 March 2015

Crypto Locker Infected 200 Computers From VU University

The Crypto Locker ransomware has 200 computers of the VU University Amsterdam (VU) infected as a spokeswoman for the university. "The Crypto Locker Virus haunts on our network," said Aukje Scoop. Twitter posted Rickey Gevers a screenshot of the warning was distributed among staff and students. The damage was due to a good backup strategy, however, are minimal. The malware spreads via email attachments and encrypt files on computers for ransom. To put the impact of ransomware to counteract the VU network decided this weekend to "read-only".

Scans performed at the IT department were discovered last week several infected workstations. Once there was an infection detected, the computer and the corresponding account temporarily blocked. The malware was removed and a backup of the evening returned it, then the computer and the account were released. Because the VU backing up the harm or risk of data loss are minimal. There were no students or employees have come forward that have been lost by the ransomware files.

Last weekend decided the technical department to put the network on read-only, so that the virus could not do his job. "The IT department had more clout to clean everything," Scoop notes. At the VU is a lot of work with group drives, where students store their documents. "Now it's wait and see how it is spread. The virus mutates continuously. Our IT department is aware that it can emerge in other places." At 200 computers Crypto Locker was eventually found.


"The complicated is that the virus ever mutates. In the beginning was warned mails from unknown senders or stranger left. But it now seems also that it can attach to emails from colleagues. Why is continuously scanned . It is therefore not sufficient to keep only foreign mails outside, because it seems to be mutated itself. "

It is currently unclear whether the students or employees who were initially opened the infected emails. When the first infections through Crypto Locker emerged the university decided to warn in different ways for the ransomware. "It is very much shut out by the security systems. In an organization such as a university, it is impossible to rule out anything. So there is a balance to be searched."

Virus Scanner

The network has now picked up again in read-only. In addition, the university is also looking forward a new type of virus that may in addition have to go, but the details are not yet known. According Spoon would not get the first time that make VU ransomware. A few months ago would have been some isolated cases. "But when that had no effect and that was resolved pretty quickly."

No comments:

Post a Comment