NAPOLEONVILLE, LA (WVUE) - The Assumption Parish Sheriff's Office is warning computer users about a software virus known as Ransomware that forces the user to send money in order to have important files restored.
The Sheriff's Office says that on Feb. 19th, the department received a report from a large business stating they'd been the victim of computer fraud. The virus was disguised as a new update to a program already installed. The business's computer network was infected with a cryptovirus that infected several computers.
After running the update, users noticed that nothing changed within the program. Workers contacted the program company, which informed them that it had not sent an update. After the computer was powered back on after the weekend, the virus was discovered. The cryptovirus is a very advanced software virus, also known as Ransomware, that encrypted all of their files so that workers could not access any of the important computer files.
After workers learned of the virus, a ransom message appeared on the computer that the virus stemmed from, instructing workers on how to recover their files. Workers were instructed to enter an underground, secret online browser, where they followed steps to send an amount of money to the hackers. After the money was sent, all files were restored to their computer system.
Through further investigation, it was learned that there have been other similar hackings at businesses in a nearby parish where money was sent through this underground browser to have files restored. It is believed that this particular cryptovirus is directed towards business/industry, but it is possible that it could easily infect personal computers as well. The browser that was used to obtain directions to send the money is completely untraceable and normally based in foreign countries.
Although these hackers are believed to be based in a foreign country, there are steps that the Sheriff's Office suggests taking to avoid having to spend unnecessary money or risk losing important files altogether.
The cryptovirus does affect backed-up files that are directly linked to the computers. To avoid paying the ransom money if your computers are infected, it is suggested to have a cloud or backup storage in place that is not hard mapped to the network drives linked to your computers. An example of such a device is a personal cloud storage external non-mapped network drive.
Even though this hacking appeared as a pop-up update on the computer, it is also possible that these viruses can be sent via e-mail. If an e-mail seems suspicious, it is suggested to delete the e-mail prior to opening it. Being cautious in monitoring what is downloaded, updated, or opened on all computers is the best defense against being hacked.