Ransomware targeting Australia & New Zealand


A new variant of the Crypto Ransomware has begun to spread, targeting Australia and New Zealand.

While most malware is detected and identified in more dense areas of the world before it hits Australia and New Zealand, the latest Crypto malware is designed to specifically fool and infect the Oceanic region.

Once the virus infects the target machine, it automatically starts to encrypt non-system data, deletes itself from the machine to avoid being identified for later signatures, and sends the decryption key to a remote server in case the customer is willing to pay for decryption.

A mixture of End User Education and an effective Active Virus program is your best defence to avoid infection and damage. Since the malware is constantly evolving and its infection target is small, signatures for the variants are not a reliable method of detection.

To improve and qualify protection for your business we recommend:

- MOST IMPORTANTLY – Educate End Users on safe internet practices!

Most malware currently relies on human interaction to enter the system.

So do not:

  1. Click on any suspect emails
  2. Open attachments from emails (especially those that you are not expecting)
  3. Agree to allow the malware to run by overriding the Notification Pop Ups – which may allow the malware to run for a period of time before you are aware that it has infiltrated your computer.

To protect against these types of infection, schedule continuous file backups (either locally or in the cloud) so data can be recovered in case of corruption.

To be secure, local backups must be offline (not connected to the computer), if they are commected to the computer they may also be encrypted and made useless. Any backup that you can browse around the backup drive and see your files will be encrypted if you get one of these infections.

Cloud backups like Carbonite, etc should be safe from the malware because they often keep multiple versions of the files.

What if you've been infected by one of the ransomware variants?

You have a couple of options:

If you want more information or require assistance just contact us.