Locky Ransomware
CAS Information Technology has come across a number of computers infected with a ransomware named Locky.
In these cases, all of the documents on the computer were encrypted and at this point, are unrecoverable.
The computers require a complete rebuild before they can be returned. The infections came from an email attachment, which may have been labeled “Invoice” or something similar, which delivered their payload upon being opened.
Because of this, I’d like to remind everyone not to open attachments you are not expecting, and pay close attention to the email address of the sender. If you are unsure if a message is legitimate, please feel free to contact our office at 617 353-5930 or cashelp@bu.edu.
This is also a reminder to review your data backup practices, which our office can provide assistance with.
More information about Locky can be found here: https://nakedsecurity.sophos.com/2016/02/17/locky-ransomware-what-you-need-to-know/