Schulz Consulting 833-724-3100

Sage 100cloud Consulting

Sage 100 Starts – But Menus Have Disappeared

by

cryptolocker

If you are trying to access your Sage 100 ERP accounting solution and find that you are able to start the program however when you navigate to the menus they are suddenly blank – you should check to be sure your system has not been infected by Cryptolocker malware.

This malware is transmitted typically by email attachments. Once a user opens and clicks the illicit file the program begins to encrypt certain files on your computer – and any connected drives. The only known cure is to restore from a backup or pay the ransom demanded by the malware authors.

Wikipedia describes the Cryptolocker malware as:

 

CryptoLocker is a ransomware trojan which targets computers running Microsoft Windows[1] and was first observed by Dell SecureWorks in September 2013.[2][3] A CryptoLocker attack may come from various sources; one such is disguised as a legitimate email attachment. When activated, the malware encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware’s control servers. The malware then displays a message which offers to decrypt the data if a payment (through either Bitcoin or a pre-paid voucher) is made by a stated deadline, and threatens to delete the private key if the deadline passes. If the deadline is not met, the malware offers to decrypt data via an online service provided by the malware’s operators, for a significantly higher price in Bitcoin.

Although CryptoLocker itself is readily removed, files remain encrypted in a way which researchers have considered infeasible to break. Many say that the ransom should not be paid, but do not offer any way to recover files; others say that paying the ransom is the only way to recover files that had not been backed up. Payment of the ransom may not result in the files being decrypted.

Newer variants under similar names, such as Cryptobit, Cryptowall and Cryptodefense are also known to exist.

We recommend that you educate staff against opening any file attachments received through email which they were not expecting. Many times these attachments have come disguised as delivery notices or voice mail files.

Another symptom that indicates you may have been exposed to this malware are various files which are left behind in your computer folders as shown below:

 

crypto

 

The only known defense to the Cryptolocker malware is a good backup. And remember that the malware can infect any drive attached to your server so if you’re saving backups to a USB driver or to another connected drive the backups may be no good when you need to restore.

Heavy duty solutions such as those offered by Ever Safe store your data off-site and in some instances also provide you with an appliance which sits in your office and can help you replicate any impacted servers within a short period of time.

 

 

eversafe

 

Create a full system backup on a regular basis. This backup should not be onto a drive attached to – or accessible by – your network. If you are seeking a reliable solution for backup we recommend talking with the folks at Eversafe Backup who offer a solution that can mirror your server off-site and have you up and running within hours of an attack.

Please do NOT ignore the need for a solid backup plan. We recently had an end user who was offline for 8 full business days as they attempted to recover from this malware.

 

 

Parcel Is Located Already At Post Office: Warning USPS Delivery Scam Email

by

If you’ve received the following email alert about a package sent via express mail which is awaiting your pickup – be advised the US Postal Service   is warning that this is a scam.

There is likely an attachment to that email which when clicked will infect your computer. Delete any such notifications unopened.

Here is a copy of one such bogus email:

From: USPS Customer Service
Date: Thu, May 10, 2012 at 10:00 AM
Subject: Parcel is located already at the post office
To: sales@s-consult.com

Delivery information,

We couldn’t deliver your parcel at your address.
Reason deny\Postal code isn’t specified.

LOCATION OF YOUR ITEM:Amarillo
STATUS: not delivered
SERVICE: Express Mail
NUMBER OF YOUR ITEM:U756213378NU
FEATURES: No

Postal label is enclosed to the letter.
Print your label and show it at the post office.

An additional information
If the parcel isn’t received within 30 working days our company will have the right to claim compensation from you for it’s keeping in the amount of $5.13 for each day of keeping.

You can find the information about the procedure and conditions of parcels keeping in the nearest office.

Thank you for using our services.
USPS Services.

via: USPS (PDF Warning)

Contact Us

Schulz Consulting
160 Oak Street
Glastonbury, CT 06033
Phone: 833.724.3100
Email Us
Locally serving all of Connecticut, Massachusetts, Rhode Island, Vermont,
New York, New Jersey. Available remotely nationwide. We are a local affiliate of DSD Business Systems.