IT SECURITY ALERT: Protect your computer from CryptoWall “ransomware” virus

UPDATE: We have learned of some CryptoWall infections in the UMass system, and PC World reports over 600,000 PCs held hostage worldwide. This malware is out there and the threat is very serious.


This notification is to make you aware of a new version of the CryptoWall “ransomware” virus, which locks or encrypts files and may ask for payment in order to receive the decryption key. A newly released version has changed its delivery method and has been evading detection by most anti-virus programs.

Read on to learn how to protect yourself, and what to do if you think you are infected.

WHAT IF I BELIEVE MY COMPUTER IS INFECTED?​

  • ​If your computer is infected, your files will appear locked or scrambled and you will not be able to open them. You may also be prompted to submit payment for a decryption key.
  • We suggest that you do not pay the ransom.
  • Do not attempt to decrypt your computer or files though Web portals offering decryption services, these may be bogus.
  • Your anti-virus vendor may have tools that can clean your machine.
  • For work computers please call the IT Service Desk.
  • ​Please see Malvertising campaign delivers digitally signed CryptoWall Ransomware article in PCWorld to learn more.

WHAT CAN I DO TO PROTECT MY COMPUTER?

UMass Boston’s Information Technology team is updating University computer operating systems, applications and web browsers and blocking web traffic to known malware sites, but you are your computer’s best protection!

  • Before opening email attachments, confirm the sender’s legitimacy. Do not open any attachments that appear suspicious.
  • Update your computer’s operating system, anti-virus software and web browsers. Attacks often target vulnerabilities in web browsers; applying security patches can help reduce the risk of infection.
  • Be very careful when web browsing; as we approach the holiday buying season, these types of attacks become much more prevalent.​
  • Back up your hard drive(s) and unplug external hard drives when not in use. This type of malware may attempt to encrypt drives attached to a targeted computer.
  • On your home machines, you may wish to run the free Qualys Browser Check to determine the status of your plug-ins.
  • The latest version attacks using “Malvertising” whereby browsers are redirected by rogue ads to third-party pages that execute exploits in outdated browser plug-ins. ​Make sure your browser plug-ins are updated, and enable click-to-play for plug-in based content if the feature is available in your browser.
  • For more ways to protect yourself, visit the UMass Boston Safe Computing and Browser Check page​

If you have any questions, please contact the IT Service Desk:
Webhttp://www.umb.edu/it/getting_help
EmailITServiceDesk@umb.edu
Phone617-287-5220 (Internal: 7-5220)​