The Relatively New Hostage Virus

New FlashComputer viruses are our arch nemesis. In the first attack on my system in 1999, I lost everything. The computer was new with few personal files, so it wasn’t a tragic loss. The biggest headache was taking the system to a shop and having them delete the harddrive and reinstall the software.

Since then I’ve stood as the front line defence against many attempts to infect my system. The famous worm that shut down our server did not get to me because I acted quickly. Every email is scrutinized. Those suspected of carrying a virus are deleted without opening.

The attempts to damage my system were minor inconveniences. Not everyone has escaped these viruses with as little damage. But knowledge is power, and everyone who is aware of these sorts of infections can take immediate action to reduce the damage.

So when my files were taken hostage with a click of a false update, it came as a complete surprise.

I had been updating my mother’s side of the family tree. I left my computer to do a few chores. While passing, I saw a pop-up screen asking for permission to download something. Hands full, I continued on without touching the computer.

When I returned, a pop-up screen to update software I used regularly was waiting. I clicked Update and walked away. When I returned, the update notice had reappeared. Assuming I had clicked the wrong place, I clicked Update again.

Moments later, the update notice reappeared. This time, I Xed it out. It appeared again. The red flag went up in my head, and I immediately updated my files on my external harddrive. The task completed, I unplugged the external harddrive, turned off the computer and went to bed.

In the morning, I attempted to open a document file. Access was denied. I tried another file only to receive the same message. I looked into my folders and found four unrecognizable files in each one. All files started with the same text: HELP_DECRYPT.

A quick Internet search confirmed my fears: I had a virus, and not just any virus. This virus encrypted every text and image file, making it impossible for me to access them. The only way to regain access was to pay the attackers $500 in ransom. If this fee wasn’t paid within three days, the price jumped to $1,000.

I disconnected from the Internet. I assumed the virus commands were coming through my connection, and to prevent further damage, I had to severe it. I went to another system and checked my external harddrive. The panic I had felt subsided. My documents were safe.

Back at the infected computer, I checked to see how many HELP_DECRYPT files were there: more than 3,000. Yeah. That was a WOW moment.

My tech guy said the best way to deal with this virus was to wipe the system clean. If I didn’t have everything backed up on two external harddrives, I’d be devastated. Instead, the only inconvenience will be reloading software not originally on my computer.

For $94 I had my system completely wiped and reset. This wasn’t a complete waste of money since the computer was more than four years old and was having a few minor issues which slowed everything down. Now my computer runs as though it is new.

Some individuals have paid the ransom to regain their files. This only encourages the crooks to continue their scheme. Computer techs should be able to remove the virus and regain access to files, but there is no guarantee.

If you have procrastinated in backing up your files, take action now. To lose a life-time’s worth of research or writing would be heartbreaking.

Have you experienced this Hostage-taking Virus? Do you perform regular updates to soften the blow of potential virus infections?

Editing Quote 3

4 thoughts on “The Relatively New Hostage Virus

  1. Wow Diane that is awful. I do know all about hard drive crashes and was grateful I learned about backing up before the first one. I save all important dox to Dropbox and use an external back up as well. I’m getting too well-versed in redownloading everything from scratch. And I am very leery of anything that says download. I always click on the name when it says ‘so and so company would like to run program…..’ It’s a scary cyber world. Clever of you to do some FBI work by trying to log in on another system. I’ve heard so much about these cyber robbers!


    • Thanks, Debby. It is a scary cyber world we play/work/live in. I think about how much more ‘clever’ these crooks are now as compared to ten years ago and wonder about what it might be like ten years into the future. Eventually I’d like a system for my writing that has no connection to the Internet or the outside world. That way they can’t infiltrate it. I’d have a separate system for online activity. If it was taken hostage, the important things–my writing–wouldn’t be compromised.


  2. What a pain in the butt to have this happen. Thanks for the advice, Diane. It can’t be given often enough to anyone who creates their own unique files. And remember a backup is not a backup until it is offsite.


    • It was a real pain, Art. But I was lucky. The only thing I really lost were emails in storage. I did save some that were current, but the rest had to go. The biggest hassle was living without my computer for a week and then restarting on a clean slate, which meant loading software that did not originally come with the system.

      The files most important to me (half completed and completed manuscripts) are saved online in a secure place, so I can access them from anywhere. Of course, with every book published (in print and ebook form), my novels are preserved. So this is another incentive to get those books published.

      Yes, you can’t stress it enough that, “a backup is not a backup until it is offsite”.


Please Leave a Comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.