Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Cryptolocker scrambles US law firm's entire cache of legal files

Trojan looked like voicemail attachment

Article comments

A small US law firm has bravely admitted losing its entire cache of legal documents to the Cryptolocker Trojan despite attempting to pay the $300 (£180) ransom in a bid to have them unscrambled.

According to TV reports, Goodson’s law firm in North Carolina's largest city Charlotte became the latest victim of a malware menace that was custom-written to lever ransom money from precisely this type of relatively cash-rich but time-poor firm.

The email infected a company server holding thousands of important documents after an email with a malicious attachment was mistaken for a message sent from the firm's phone answering service.

That error left every single document used by firm on its main server in an encrypted state, including Word, WordPerfect and PDF files, said Goodson’s owner, Paul M. Goodson.

"The virus also warned if you tried to tamper or decrypt anything, it was going to be permanently locked and you could never open it,” Goodson said.

After IT staff were unable to make any headway against the malware’s encryption, Goodson tried to pay the ransom but discovered that the grace period – another nasty aspect of Cryptolocker - had expired.

The only blessing was that the malware had scrambled files and not stolen them, Goodson added.

According to the Wsoctv TV channel, local police were aware of at least 30 cases where paying the ransom had resulted in an unlock key being delivered. Balancing this, we should point out that not everyone has reported having this success.

The best general advice is to avoid needing an unlock key at all by backing and archiving up files on a regular basis. Cryptolocker starts encrypting files quickly so anything backed up even hours before should be recoverable if a backup is available. 

Goodson’s Law Firm is only the latest in a very long line of SMEs that has found itself on the receiving end of Cryptolocker’s nastiness but there are some encouraging elements to the incident. The fact that an SME is willing to speak of its troubles to a local TV station suggests that the traditional taboo over owning up to malware incidents could be waning.

A less positive way of looking at it is to say that such attacks are now so normal many SMEs are being forced to view malware as just another hazard to be endured as a straightforward cost of business.

Other recent Cryptolocker attacks in the US have included a town hall that lost eight years of documents and even a police department that brazenly admitted to having paid $750 for two Bitcoins to buy back sensitive files locked by the Trojan. Small-town America is only slowly waking up to this remarkably effective malware's potent threat.

Correction: this story originally mis-stated Charlotte (rather than Raleigh) as being North Carolina's state capital.


More from Techworld

More relevant IT news


dourscot said: This has been re-stated

Nick said: Thats what you get for hiring dumb jocks that fits underneath the desk

Mike_Acker said: treat cryptolocker same as a hard disk crashcaution cryptolocker will scramble all accessible drives make sure your backup drive is OFFLINE

Chris O'Grady said: and dont you mean unscambled Whatever scambled meant in the first place You tell me

Chris O'Grady said: Scambles isnt in my dictionary Is it in yorn

brad said: Really nasty ransomware trash for sure Also Charlotte is not the capitol of North Carolina Dont open attachments that arent from trusted sources

Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *