What to do in Case of a Malware Attack?

Suspicion of Malware

If you suspect that one of your systems (PC, notebook, tablet, smartphone, …) is infected with malware, get (several) up-to-date "antivirus solutions" and scan the system with them.
It is even better if you do not do this with the operating system that may already be infected, but via another, secure operating system, e.g. with Desinfec't or Kaspersky Rescue Disk.

Confirmed Malware Infection

If the suspicion is confirmed by scan or other methods, your only option is to rebuild the system, otherwise it cannot be guaranteed that all malware will really be found and removed.

It is essential to perform the following steps:

Disconnect the computer from the network immediately.
However, do not switch off the computer, this could delete important traces.
Set a new password for TUGRAZonline from another, uninfected system.
If you have also logged on to other systems with password from this system, change the passwords on all these systems as well.
Consider whether a data breach has occurred.
This may already be the case if, for example, email data was transmitted to an attacker. If there is a possibility of a data breach, report it immediately!
Inform IT Security or IT support about the incident; perhaps you are not the only one affected!
After approval by IT security build a completely new system from scratch.

Links

Data Breach

Security Incident

IT Security State of the art

CERT.at

IKT-Sicherheitsportal

Cyber Security Austria

Meldestelle Kinderpornografie

Meldestelle Hass & rassistische Diskriminierung