Zepto virus caution including Dropbox and Google Drive users

zeptoIts common knowledge that you should be careful when opening any unusual email attachments, however at this current time be extra cautious!

The ‘Zepto’ virus is one of the most potentially destructive viruses I have encountered. The Zepto virus is the newest version of ‘ransomware’ – it works by encrypting all of a user’s documents with the hope that you will pay a ransom fee to have the files unencrypted. The virus is delivered via an email attachment and once opened quickly gets to work in encrypting your files. Two clients last week encountered the virus, one smartly pulled the power plug on their PC before all documents were encrypted. Luckily, both have some form of usable backup. Please be extra careful when opening any suspicious looking emails. If it looks fishy delete it straight away!

This can also badly affect those using cloud based file storage such as Dropbox or Google Drive as once the files are encrypted they then sync up to the cloud and the latest version of the file is the zepto’d version. This can be resolved by restoring an older version an infected/encrypted file, however, it can be a painful process as this has to be done file by file – Google Drive don’t provide a bulk restore of files from a previous time point.

Here are Google’s instructions on how to restore non Google files such as Word and Excel files:

  • Log onto Google Drive via a web browser e.g. Google Chrome
  • Right Click on the Non Google Docs file (ex. pdf).
  • select Manage version.
  • click the three dots corresponding to the Old version of the file.
  • select download.
  • On the downloaded file, rename the file and delete the .zepto from the filename. – e.g myfile.zepto.xls = myfile.xls (result)
  • You should be able to open your downloaded file after doing these steps

The only way to truly protect yourself is to have a good backup in place.