IT Services warns of ‘ransom virus’ CryptoLocker

Levi Castle

*Correction 10.29: ISU email systems have not been infected, but are among the intended targets for CryptoLocker. IT stated that personal email accounts are still vulnerable if proper caution isn’t taken.*

Crime does not pay, except for a new virus that ransoms computer files. That’s exactly what a virus called CryptoLocker is designed to do.

On Monday morning, Iowa State’s IT news feed on their website detailed the situation, saying: “ITS security officials are aware of a relatively new, very effective, virus actively attacking campus users with Windows computers.”

While the virus uses the email medium in the form of infected attachments, and ISU emails have been attempted to be sent with those infected attachments intended to go with them, IT has stated that their systems are designed to filter out any bad attachments before the email ever reaches its destination, and are doing so successfully. 

However, Windows users with personal email accounts are still at risk, as IT has stated that five users have come forth with infected personal machines.

CryptoLocker finds its way onto a computer through bad email attachments that aren’t filtered or infected websites and immediately locates and locks user files. Rather than corrupt or delete the files like most viruses are designed to do, CryptoLocker takes a different route and tells the user that for a set amount of money they can regain access to the files. IT News reported that the amount required is usually about $300.

The article recommends that suspicious emails or websites should never gain a user’s attention enough to download or open anything potentially malicious. It is also suggested that all applications, operating systems and antivirus programs stay updated to combat the threat. Backup of files to an offline location is also advised in case of virus intrusion.

IT said in the article that if a computer is infected, users should never pay the ransom. Instead, students and staff are told to immediately turn off the computer and contact departmental IT support staff or the Solution Center at 515-294-4000.

When contacted for comment, IT Solution Center said: “It is kind of a big deal at the moment.”

Stay tuned to the Daily for more updates to come.