Put simply, ransomware is a trojan horse variety of malware that locks down all programs and files on your computer and doesn't let you access them until you pay money. For a more detailed explanation of the nuts and bolts, watch the video embedded in this story.
The malware looks like a legitimate application, borrowing the look and feel of a Windows app, including the "green shield" Windows uses in its security console. There are a couple of clues that this is a scam though:
- The bane of scam artists everywhere: their weak grasp of English. This malware misspells "you're" as "your're". Bonus points for using the right form of the word though!
- No legitimate virus software would lock an application or a file and not let you access them. Virus protection software will identify infected files. It will quarantine them for you. It will beg you not to access those files until you get them cleaned up. But if you choose to do it anyway, the software will let you. It's still your computer.
- No virus yet invented can infect every application, every Word document, every spreadsheet, every picture file, every video, every music file, every everything on a computer at once. If your virus software ever tells you that every single thing on your computer (except the web browser, since you need that to pay) is infected, you're interacting with malware.
- Disconnect the infected machine from the internet by unplugging the ethernet cable or shutting it down.
- Use another computer to search for solutions using the name of the malware (as it appears on your infected computer's screen. You will probably need to find something that can be put onto a memory stick and transferred to the affected computer.
- Use the information in this post to help safeguard against future infections.