Even with Server Policies and blocking tools available on the internet, Cryptolocker variants have found new ways to attack your computer.
Although blocking programs has proven an effective method of preventing “Ransomware” such as Cryptolocker in the past, new ways have been found by the malware creators to get around this. Typically malware is released as a program (eg. EXE, COM, BAT or CMD Files) within an attachment that when opened, trigger the payload. It has been discovered recently, that they are now using other file types that Windows will try and execute through file association such as Javascript (JS) files.
One such example we’ve seen recently was delivered via email pretending to be a resume (resume.js), which deployed CryptoWall 3.0, which is recent variant of Cryptolocker
Varidan are in the process of implementing policy updates to prevent this type of infection
Again we urge our customers and their staff to observe the golden rule of email attachments:
“If you do not know or trust the sender, or if you are unsure in any way – Please do NOT Open the attachment”.
Our customers are welcome to send any suspect email to us for analysis.