‘Ransomware’ Targets Honolulu Businesses
Malicious computer malware that locks up files and demands a ransom for their release has shown up in Honolulu, according to police.
About a dozen complaints have come in over two weeks about CryptoWall, informally known as “ransomware,” said Honolulu police Lt. John McCarthy.
Disguised emails spread the malware, the Honolulu Star-Advertiser reported. Police have not figured out who is sending it and collecting the ransom, McCarthy said Wednesday at a news conference.
Two customers with infected computers sought relief last week at SOHO Computer Repair, said owner John White.
“It’s really bad,” White said. “It basically locks up everything.”
When the malware infects a computer, White said, it encrypts files until all data is locked. “there’s no way for us to get in – you can’t go through a back door,” he said.
An attempt to open an encrypted file brings up a message telling a user how to pay a ransom with Bitcoins, which are difficult to trace.
The CryptoWall note has a countdown clock, McCarthy said. If a $500 ransom is not paid in 168 hours, the ransom doubles, he said.
A Honolulu company did not pay the ransom and lost its data. Another paid and was able to access its files. In some cases, White said, paying did not unlock the data.
Accounting companies, a travel agency and other small businesses have been targeted, McCarthy said.
The best way to avoid losing files is to back up data, McCarthy and White said. That allows a computer to be wiped clean and restored using the backup.
“Especially for businesses, they should always back up their data,” White said.
Keeping anti-virus, anti-spyware and anti-malware software up to date and deleting suspicious emails also helps, McCarthy said.