May 8, 2015

Cryptolocker is Attacking ShadowProtect Backups

We covered Cryptolocker in a post back in October of 2014 after a surge in requests for recovery from the Probax reseller network.

Fast forward to May 2015, and it appears we're in the midst of another surge in Cryptolocker infections. There have been 5 requests for full recoveries in less than 2 working days. The biggest surprise of all? Service providers are being caught off guard by having their local ShadowProtect backups encrypted by the ransomware.

This stems from initial assessments of encrypted clients, where service providers have made the assumption that only documents are affected by it. Cryptolocker has evolved to the point now where it is not searching for certain file extensions (i.e .doc) thus making local backups like .SPI and .SPF files vulnerable.

If you are an IT service provider and are concerned about the safety of your clients data and backups, speak to us today about replicating those backups to the Probax cloud and enjoy the peace of mind that comes from off-network backups with unlimited retention periods.