Local Police Warn About Computer Virus

October 30, 2013

Authorities are warning local citizens to be aware of a new computer virus  that was first detected last month in Europe and has now been confirmed in Escambia County.

The first local case of the “CryptoLocker Ransomware” computer virus was reported to authorities on Tuesday. A local business was hit by the virus after an employee opened what
she thought was a legitimate file.

The attachment containing  the virus is an attached .ZIP file. The file itself may have many different names; some of the commonly used names used are, “voice message”, “UPS tracking information”, and “Resume”. In  each case, opening this .ZIP file will activate the virus and lock users our of their own files.

The virus, normally spread by email, will seek out a contact list and email it self to others.

According to a press release from the Pensacola Police Department, this virus is  extremely destructive because it securely encrypts all of the computer user’s personal files. Once these files are encrypted they can only be opened  with the use of a ” private key”. The  virus program gives the computer user information on how to purchase the private key over the internet by wiring money to an account. The amount of  money required varies between$100 and $300.

This virus is easily detected by commercially available virus protection software. The best way to protect data from this virus is to not open attachments from suspicious email addresses. Keep  important data backed up to a DVD or external hard drive. Once this virus infects a computer  the files that get encrypted cannot be recovered without the private key. Computers users are advised to keep their virus definitions updated.

Infections should be reported to  www.ic3.gov .


23 Responses to “Local Police Warn About Computer Virus”

  1. My Computer Guy on October 31st, 2013 4:49 am

    We encountered this virus specifically the other day and its effects are devestating. This is absolutely not your typical virus and a simple boot into safe mode and system restore will not work. Up to date virus protection and frequent backups beyond that you need to contact a professional.

  2. mic hall on October 30th, 2013 6:31 pm

    This is NOT a minor virus. This is NOT like other ransom ware. Those who have said so do not have experience with THIS virus.

    Removing the virus does NOT to recover the files. Once they are encrypted they are GONE unless you can recover them from system restore or a backup.

    The encryption is fast and before you see the ransom the encryption is finished. All files it attacks on the computer that are accessible to the current user will be encrypted.

    Many types of files are encrypted including all types Microsoft Office files and most types of pictures,

    Those with ANY version of window MUST keep their virus checker up to date and run frequent backup of files you find valuable.

    Avoid opening ANY attachment on an email unless you are absolutely sure who it is from AND what is attached. If in question don’t open it.

  3. mnon on October 30th, 2013 6:05 pm

    To say Linux is virus free is not true… you can create a backdoor on any PC using trojan/virus programming. The virus’s that affect Windows is not like the ones that can affect Linux and the number of virus’s on Linux are greatly reduced compared to those for Windows.

    I’ve used both OS’s for years without any major virus issue. You just have to know your OS and use common sense. If I had to remove one OS from the world for another I would choose Windows and keep using my Linux build. Its flexible and easy to write scripts to do what you want to do with it. Also the ability to use it as a more stable networking platform.

    People disable, uninstall, or turn off their virus scans because they get annoyed with it. Well guess what, this is what happens when you get careless with your computer.

  4. Keith on October 30th, 2013 5:12 pm

    Mike, chances are your files are still there. They have simply been hidden from view. Download a file called unhide.exe from bleepingcomputer.com. That should return your files to view. Get rid of the virus first, though.

  5. Jerry A on October 30th, 2013 3:24 pm

    Edward any one that owns a computer whether it operates on Windows or Linux that does not have an active, up to date antivirus and/or firewall is a total idiot.

  6. Ben Thar on October 30th, 2013 1:52 pm


  7. David on October 30th, 2013 12:59 pm

    I would love to have the intelligence to be able to program so brilliantly, but I do not.

    If I did, I would use it to get a legitimate job in the computer field that no doubt would pay very well. A good job with good pay and no breaking the law and no harming other people. What I would write could very well help people.

    But no, these people squander their wonderful talents on malicious and damaging things.

    I just don’t understand. What is wrong with these people? Why do they pervert a wonderful gift that the Lord has given them? Again, I just don’t understand.

  8. MM on October 30th, 2013 12:38 pm

    The people who create these viruses ought to be shot.

  9. Anti-Linux on October 30th, 2013 11:11 am
  10. Edward on October 30th, 2013 10:34 am

    People don’t listen to these windows people’s comments. They want you to stick with windows. That is how they make their living. They may even be using your computer to spread spam and such. With Linux you don’t have to buy any firewalls or antivirus programs. You can get them free but they are for checking windows files from windows computer to windows computer in a server situation or mixed network.

  11. Edward on October 30th, 2013 10:25 am

    @Vulcanrider you can lie to the uninformed but not me. Give a news story where the linux OS was compromised. Don’t say jave script and such is equal to the linux OS.

  12. Jerry A on October 30th, 2013 10:15 am

    @ PhoneDoctor. CryptoLocker Ransomware pales in comparison to other viruses.

  13. Jerry A on October 30th, 2013 10:13 am

    William that is so true. On all 3 of the machines that I have cleaned the 2048 bit key files that are effected. I ran 4 different antivirus programs and not a single one of them was able to completely clean the affected computer. I ended up having to edit the Registry.

  14. William on October 30th, 2013 8:28 am

    >>It just like the FBI porn scam just login in safe mode and use your antivirus to get rid of it …. All of your stuff will still be there it’s fake

    It’s not that hard for someone with experience to get rid of it…but the problem is files it encrypted have a 2048 bit key that you will never break.

  15. PhoneDoctor on October 30th, 2013 8:22 am

    It just like the FBI porn scam just login in safe mode and use your antivirus to get rid of it …. All of your stuff will still be there it’s fake

  16. Jerry A on October 30th, 2013 8:08 am

    Edward you can say what you will about Windows systems. I have been running Windows based platforms for 20 plus years and I have never once even had a threat of a virus, trojan or malware. If one is careful in what they do and keep their antivirus/firewall up to date they needn’t worry.

    Also the aarticle states once infected with CrytpoLocker Ransomware the only way to remove it is to buy a “private key”. That is not totally true. Since this virus first hit the internet here in the local are, I have cleaned 3 computers of this virus. To remove it requires more than a novice can accomplish because it requires manipulation of the Registry. I have also found that System Recovery does not solve the problem.

  17. TOM on October 30th, 2013 8:07 am

    These viruses spread like mad because everyones E Mail address is spread everywhere by forward messages.

  18. William on October 30th, 2013 8:03 am

    ” there are no know virus in the wild for Linux.”

    Not really a true statement. While malware might be a better term for things that might play havoc with a Linux box, an unpatched Linux box can easily be infected.

    True…there’s never been, a likely never to be, infections that are as widespread and as damaging as what happens to poor Windows on a regular basis.

    Many pieces of malware are aimed at stealing information or setting up a DOS attack. But frequent patches prevent problems.

  19. My Computer Guy on October 30th, 2013 7:55 am

    We have encountered this viruses as well as others. In 90% of cases we are able to recover all of our customers files. We definitely recommend good virus prevention strategies. Virus protection and frequent backups are a must.

  20. Vulcanrider on October 30th, 2013 6:57 am

    Yep, another delusional Linux user…”there are no known Linux virus in the wild for Linux” except all of these…
    Rootkits[edit]Snakso-A – 64-bit Linux webserver rootkit[25]
    Trojans[edit]Hand of Thief – Banking trojan, 2013,[26][27]
    Kaiten – Linux.Backdoor.Kaiten trojan horse[28]
    Rexob – Linux.Backdoor.Rexob trojan[29]
    Waterfall screensaver backdoor – on gnome-look.org[30]
    Viruses[edit]42 [31][32]
    Arches [33]
    Alaeda – Virus.Linux.Alaeda[34]
    Bad Bunny – Perl.Badbunny[6][35]
    Binom – Linux/Binom[36]
    Bliss – requires root privileges
    Caveat [39][40]
    Coin [41][42]
    Diesel – Virus.Linux.Diesel.962[43]
    Hasher [44][45]
    Kagob a – Virus.Linux.Kagob.a[46]
    Kagob b – Virus.Linux.Kagob.b[47]
    Lacrimae (aka Crimea) [48][49]
    MetaPHOR (also known as Simile)[50]
    Nuxbee – Virus.Linux.Nuxbee.1403[51]
    Podloso – Linux.Podloso (The iPod virus)[54][55]
    RELx [56]
    Rike – Virus.Linux.Rike.1627[57]
    RST – Virus.Linux.RST.a[58] (known for infecting Korean release of Mozilla Suite 1.7.6 and Thunderbird 1.0.2 in September 2005[59])
    Satyr – Virus.Linux.Satyr.a[60]
    Vit – Virus.Linux.Vit.4096[61]
    Winter – Virus.Linux.Winter.341[62]
    Winux (also known as Lindose and PEElf)[63]
    Wit virus[64]
    ZipWorm – Virus.Linux.ZipWorm[65]
    Worms[edit]Adm – Net-Worm.Linux.Adm[66]
    Cheese – Net-Worm.Linux.Cheese[68]
    Mighty – Net-Worm.Linux.Mighty[71]
    Millen – Linux.Millen.Worm[72]
    Ramen worm – targeted only Red Hat Linux distributions versions 6.2 and 7.0
    SSH Bruteforce[74]

  21. mike on October 30th, 2013 6:48 am

    It got me 2 weeks ago. Came in an email from what looked like a work email. I opened the zip file and all my excel, word docs and pictures were gone and the only way to get them back was to pay around $300.. Luckily my wife and I have separate user accounts on the computer so her account was fine so the pictures were fine. I lost all the other stuff. I did sign up for online back up which if had before the virus I would ahbe been fine. DON’T OPEN AND ZIP FILE ON YOUR EMAIL UNLESS YOU ARE 100% SURE WHO SENT IT AND WHAT IT IS>>>>JUST DELETE THE EMAIL.

  22. focvmpe on October 30th, 2013 6:47 am

    I have gotten ones saying fedex off and on over the past year. Always on aol email, but not on my gmail. Always thought it was strange, so would copy the supposed ‘tracking number’ and got to fedex site to enter it….never clicked link! So glad I didn’t!!!!

    (Byrneville area)

  23. Edward on October 30th, 2013 4:11 am

    Almost all viruses on the internet only do harm to windows computers. When you hear of a computer virus or pc virus think windows only. There are a few for mac computers because apple has lowered the security of the operating system which is basically BSD, Berkley Software Distribution a unix flavor. I only use Linux as my operating system. It is a totally free unix clone downloadable from the internet and there are no know virus in the wild for Linux. Software on windows does not run on BSD or Linux. That is why the viruses don’t work on them. I would never access my online banking with a window computer ever! Try Ubuntu Linux if you want to get away from the operating system (windows) that have cost users billions of dollars because it is so insecure.

Have a comment on this story?

We welcome your comments on this story, but there are some rules to follow::

(1) Be Nice. No comments that slander another, no racism, no sexism, no personal attacks.

(2) No Harrassing Comments. If someone says something bad about you, don't respond. That's childish.

(3) No Libel. That's saying something is not true about someone. Don't do it.

(4) Keep it clean. Nothing vulgar, obscene or sexually related. No profanity or obvious substitutions. Period.

(5) NorthEscambia.com reserves the right to remove any comments that violate our rules or we think to be inappropriate. We are not responsible for what is posted. Comments may not appear right away until they are approved by a moderator.

(6) Limit your comments to the subject in this story only, and limit comments to 300 words or less. Do not post copyrighted material. Comments will not be added to stories that are over 30 days old.

(7) No posts may advertise a commercial business or political group, or link to another commercial web site or political site of any kind.