ZCryptor is a malicious software that infects removable devices and network drives to encrypt files stored on a computer. It mainly spreads through spam emails, macro malware or fake installers. ZCryptor was first discovered by a security researcher named Jack, after which Microsoft also investigated the potential threats caused by the ransomware. The company issued an alert for the users stating:

“We are alerting Windows users of a new type of ransomware that exhibits worm-like behavior. It leverages removable and network drives to replicate itself and infect more systems. We detect this ransomware as Ransom:Win32/ZCryptor.A.”

According to the researchers, the ransomware was initially designed to target systems with Windows XP 64 bit, but computers having the latest version of the operating system can also be infected.

How Does ZCryptor Work?

To infect a computer system, ZCryptor uses the common phishing techniques, such as camouflaging an executable file as a known software, usually Adobe Flash Player, or through macro files in Microsoft Office. Once executed on the system, the ransomware starts encrypting the files stored in it. It creates a registry key to ensure auto-execution on every start-up. Next, an ‘autorun.inf’ file is installed on the removable drives so that the malware spreads to all computer systems that these devices connect to. It replicates by creating copies in different network drives and using multiple file attributes in order to avoid detection by the users.

ZCryptor is known to encrypt a wide range of file formats including documents, audio, video, image, archive, database, APK, Java source code etc. and change their extension to ‘.zcrypt’. Upon encryption of all the files, a pop-up appears on the computer screen, asking the user to pay a ransom amount to get access to the unique decryption key.

How To Protect Against ZCryptor?

• Keep your operating system and other software updated to stay protected against the known vulnerabilities.
• Avoid visiting suspicious websites, opening unknown email attachments and downloading software from unidentified developers.
• Use a reliable anti-virus software to prevent and detect malware infections.
• Disable macro files in Microsoft Office.
• Keep a backup of your files on a removable media device to minimize the consequences of a ZCryptor attack.
• Format the infected removable drives before you connect them to other computer systems.

For more information about ZCryptor ransomware, you can contact Centex Technologies at (972) 375-9654.

With more than 300 million users, LinkedIn provides a networking opportunity for business professionals across the world. However, just like other social media platforms, LinkedIn also has its own set of security issues. It is important that you protect your account in order to safeguard your information and avoid spoiling your online reputation.

Given below are some tips to protect your LinkedIn profile:

• Update Your Privacy Settings: Make sure you review your privacy settings to keep a check on the information you want to share with your connections. For instance, you should turn off your activity broadcasts if you do not want to display updates about the changes you made to your profile. You can also change the visibility settings for your profile picture, connections and other professional details.
• Opt For Two Step Verification: LinkedIn allows its users to activate two step verification for their accounts. This offers a higher level of protection and prevents the incidence of identity theft and unauthorized account access by the cybercriminals. When you choose two step verification, you will be required to enter the password, along with a numeric code sent to your phone when logging in from an unrecognized device.
• Verify Your Connections: You should connect only with the people you know. Adding unknown connections or merely acquaintances puts your account information at risk. Cybercriminals use fake accounts to connect to entrepreneurs and gain access to their business information that can be further used for malicious purposes. Therefore, if you receive a connection request on LinkedIn, make sure you verify the profile to check if anything seems to be suspicious.
• Change Your Password Frequently: It is recommended to follow the best password practices to safeguard your LinkedIn account from unauthorized access. Create a strong password that includes random letters, numbers and symbols. You should use different passwords for all your online accounts and change them after every few months.
• Check Third Party Apps Connected To Your Account: Be watchful about the apps you have authorized to connect with your LinkedIn account. These can access all your confidential data and hence, you must review the apps that you have permitted. Deactivate all the apps that you do not recognize or use anymore.

For more information on LinkedIn and social media security tips, feel free to contact Centex Technologies at (972) 375 – 9654.