A few weeks ago, I had someone in our customer service department open an email from a legitimate client that contained a .zip file. This wasn’t exactly normal correspondence, but it also wasn’t unusual to be contacted via email by this contact. Shortly after, I was called and informed it appeared we had a virus. They said a strange pop-up warning message came up and they couldn’t get rid of it.
“Please don't click anything anymore,” I replied. I asked if it resembled our antivirus alerts or had any reference to our recently added web filter. They told me that less than a minute after the .zip file was opened, they got the 72-hour countdown screen from CryptoLocker stating that they needed to purchase the $300 encryption key or all data would be encrypted and useless.
I told the person to unplug the PC from the network, and I literally ran to my car, drove to the offsite facility and dashed inside! I powered it off and told him he would have to work from another station for the rest of his shift. I walked out with the infected piece of hardware under my arm in a full nelson.