22 Jun

New Ransomware Attacks With JavaScript

A newly discovered ransomware does away with downloading a malicious file, carrying out the encryption itself

A new form of ransomware has emerged that tries to evade detection by carrying out all its encryption using the JavaScript scripting language.

This the latest in the rapidly expanding ransomware category, which has grown into a significant threat in recent months as criminals are attracted by lucrative payouts.

“The JavaScript doesn’t download the ransomware, it is the ransomware,” wrote Sophos researcher Paul Ducklin in an advisory. “No additional software is downloaded, so once the JS/Ransom-DDL malware file is inside your network, it’s ready to scramble your data and pop up a ransom message all on its own.”

The script arrives as an attachment called Invoice.txt.js, which appears as “invoice.txt” on most Windows systems, which are configured by default not to display file extensions.

If opened, JavaScript attachments of this kind execute by default in the Windows Script Host (WSH), which doesn’t impose any restrictions.

The new technique is simpler than the most common method of infection, which involves the use of a Word document which then downloads executable code from a remote server.

If you think you may have been infected by this ransomware or  any other malware, give us a call on 01539 720104.


08 Apr

New ransomware that knows where you live!

ransomwareA new email phishing campaign has started sending thousands of ominous-looking emails that contain the recipient’s home address.

The well-worded email appears to come from legitimate email addresses, and raises very few irregularities. The email comes with a demand for money for an arbitrary service, along with a web link that purports to be an “overdue invoice.”

Click the link and open the file (which looks like a Word document), and you’ll become the latest victim of ransomware — that is, malware that encrypts your files and locks you out of your computer until you pay a ransom and the longer you wait, the larger the ransom you have to pay.

It appears that the scammers are leveraging some sort of database that has home addresses publicly available and using this for the scam.

Restoring from a backup is the only option available if you get infected by this type of virus, so make sure you have current and valid backups. If you need any help with backups or virus removal, please get in touch.

18 May

Superfast Broadband for Cumbria

Superfast, fibre broadband (FTTC) has been available for a while and most businesses who can get fibre have already taken advantage of the faster download and upload speeds it provides.  But some businesses have felt a little left out because Fibre broadband isn’t available to all!  Those close to the telephone exchange (EO lines) and some in more remote areas who don’t have a cabinet to connect to cannot get fibre broadband and have to make do with slow ADSL speeds.

But things are slowing changing with the help of Connecting Cumbria.  They are working with BT to enable as many cabinets as they can and install new cabinets for the exchange only lines.  Kendal has seen a number of cabinets pop up in the last few weeks helping businesses in the centre of town get superfast broadband.  This project is going on all over Cumbria and they hope to bring fibre broadband to as many people as possible.

If you want to check if fibre broadband is available to your business, you can use BT’s DSL checker.  If you want some ideas on how your business can utilise a faster broadband connection, just give us a call on 01539 720104