Please be aware that a potentially new variant of the Cryptolocker ransomware has been identified. “Ransomware” is a new category of malware that can prevent access to a computer, or the data on it, unless the victim pays a ransom to the malware creator. The Cryptolocker malware encrypts files on the victims computer and then demands payment for the files to be unlocked.

Because this is a new variant of the malware, there are no current ways to protect you from it. The only protection is to not open attachments that you are not expecting or that look suspicious.  The malware is primarily delivered via email and often contain a subject line enticing you to open an accompanying attachment. Below is an example of the message (Subject: Invoice Payment Confirmation; Attachment: Invoice_Details_01.04.2014.zip).

The malware can potentially be sent to your UTA email or your personal email (e.g. gmail, Hotmail, yahoo, etc) account.

If you fall victim to this virus, you will not be able to unlock your files and must rely on your backups. The malware can be aggressive has been known to encrypt files on local hard drives, external drives and potentially your file shares (e.g. your K: and J: drives).

UTA Employees: To backup your data on a UTA owned computer, you may use CrashPlan  (search for “CrashPlan” in the search box on the UTA website).

For updates on this advisory, please check back periodically or send an email to security@uta.edu. If you need help on how to use CrashPlan or if you are a victim of this virus, contact the Help Desk at 2-2208.

Please see our previous advisory entry about Cryptolocker for background and tips.