There is a new, nasty piece of malware in the wild wreaking havoc on tens of thousands of computers running Microsoft Windows worldwide.
WanaCrypt0r 2.0 is what is known as “ransomware,” which encrypts the storage of a given computer and displays a lock screen preventing you from using your computer. The name comes from demands for payments displayed on the lock screen, which often increase as time passes without the computer owner paying the ransom.
The new worm initially proliferated among the National Health Service in the United Kingdom but has since spread to over 57,000 computers worldwide.
To avoid getting hit, the usual advice applies:
- Don't click links and/or download/open attachments from suspicious emails, people you don't know, etc.
- Look closely at the sender field of emails. The display name may match a person you know or a service you use, but the address may not (still, addresses can be faked, so this is not foolproof).
- Look closely at the actual address in links by hovering your cursor over the link and looking at the address it shows in your browser's status bar. This can be messed with in some ways, so again, be careful.
- Keep Windows as up to date as possible, turning on automatic updates for critical updates like security patches.
- Run a known good antivirus program downloaded from its actual, official website.
To remove ransomware, PC World has a comprehensive guide.