News

Cyber hackers launch new ransomware

Mike Holfeld, Investigative Reporter

Published: October 3, 2016, 5:33 PM

Tags: Schemes and Ripoffs, Local, News

The latest version of a ransomware email arrived on the personal laptop of a News 6 employee in the form of a tracking message from Federal Express Friday morning.

Engineers called it a zero day attack because current anti-virus programs had not seen or contained it before.

The hit occurred on the last day of September - 24 hours before the start of Cyber Awareness Month.

News 6 information technology engineer Mike Harvey said the bogus FedEx message contained a link to “track their package.” Once the employee clicked the link the virus was activated.

“With it being Ransomware,” Harvey said,” It caused all the files to shut down.”

Orlando FBI Agent Andrew Lenzen told News 6 that the ransomware and malware files are coming from overseas.

According to Lenzen dirty files can be tracked to 79 countries including China and Hong Kong. News 6's employee never saw it coming and the truth is he’s not alone.

The FBI Cyber Division reports one particular Ransomware “variant” infiltrated roughly 100,000 computers a day within the first few weeks of showing up.

The FBI pursues so called “cyber actors” and according to Lenzen, they hold your computer’s contents hostage for money.

“If we were looking at a family they could hold photos or tax information…a small business you have everything all your customer data, all your invoicing everything is shut down,” Lenzen said.

Lenzen told News 6 that law firms, police departments and even a hospital have been hit by ransomware files.

The FBI is requesting victims reach out to their local FBI office and/or file a complaint with the Internet Crime Complaint Center, at www.IC3.gov, with the following ransomware infection details (as applicable):

1. Date of Infection
2. Ransomware Variant (identified on the ransom page or by the encrypted file extension)
3. Victim Company Information (industry type, business size, etc.)
4. How the Infection Occurred (link in e-mail, browsing the Internet, etc.)
5. Requested Ransom Amount
6. Actor’s Bitcoin Wallet Address (may be listed on the ransom page)
7. Ransom Amount Paid (if any)
8. Overall Losses Associated with a Ransomware Infection (including the ransom amount)
9. Victim Impact Statement

Copyright 2016 by WKMG ClickOrlando - All rights reserved.

About the Author

Mike Holfeld

News 6’s Emmy Award-winning Investigative Reporter Mike Holfeld has made Central Florida history with major investigations that have led to new policies, legislative proposals and even -- state and national laws. If you have an issue or story idea, call Mike's office at 407-521-1322.

1 dead, 3 wounded in shooting near Orange County apartment complex

Woman, car missing after apparent carjacking at Winter Springs intersection

Video shows possible carjacking at Winter Springs intersection

Video shows shooting in Ocoee parking lot

Orlando chapter of Zeta Phi Beta, Inc to host Bingo for Handbags