Really nasty. That is what it is.
This malicious software (malware) has been spreading through fake emails that disguise themselves as coming from legitimate companies such as FedEx or UPS. The malware has the ability to find and encrypt files you have access to no matter where they are located: shared network drives, USB drives, external hard drives, network file shares and even some cloud storage drives. If one computer on a network becomes infected, all other computers on that network run the risk of being infected as well.
What about getting your information back? Unless it is backed up on an external drive that is not hooked up to your network or computer, odds are your information is gone. There is no way to decrypt your files either, seeing as the hackers have the key needed to decrypt them. While victims are told they have three days to pay the attacker through a third-party payment method (MoneyPak, Bitcoin), some victims have claimed online that they paid the attackers and did not receive the promised decryption key. A good idea is to not pay the attackers and seek immediate assistance.
How do you prevent it?
• Do not click on unsolicited web links in email messages or give any personal information to webpages in links
• Do not open email attachments that are not from personally trusted sources. If you say to yourself "I wonder why they sent me this email" then you should most likely not download any attachments or images from that email
• Keep your antivirus software up-to-date
• Regularly back-up all your data on one or more storage devices and DO NOT leave these devices connected to your computer or network
• Keep your operating system up-to-date
• If any emails seem shady at all, steer clear of them
What to do if you have already been infected?
• If you find yourself unable to access certain files, receiving warnings stating that your files have been "encrypted," or opening files that look like an alien wrote them, then shut down your computer immediately and call Method at 800.888.METHOD for further assistance.
• After removing the malware, reset ALL passwords that you had since your old passwords have now been compromised and are no longer safe