Cryptowall: An Old Security Threat Gets a Makeover

Photo via Intronis.

It’s the ransomware that just won’t go away. A few months ago, we told you about Cryptolocker, a nasty virus that encrypts your files and promises to decrypt them for you – after you pay a $300 ransom.

The word got out about Cryptolocker, and the update is that it stopped working in early June and a potential mastermind has been targeted by authorities.

But that doesn’t mean you can rest easy – the hole left by Cryptolocker has been filled by a new ransomware threat: Cryptowall.

Cryptowall works much the same way Cryptolocker did: Once your computer is infected, the virus works to encrypt all of your files and documents. You don’t even know it’s there until its work is done. Once it has encrypted your files, a message pops up to tell you everything has been encrypted; to decrypt the files, you must send $500 -- $1,000 if you wait 48 hours.

Cryptowall is spread in a several ways:

  • Spam email with a suspicious link to cloud storage provider Dropbox
  • Spam email saying that you have a fax message, with a link for claiming it
  • Infected advertisements and pop-up advertisements
  • As a fake update for software such as Adobe Reader, Flash Player, or Java Runtime Environment
  • Spam email attachments

Once on your computer, Cryptowall uses security gaps in Silverlight, Flash, and Java. It is targeted at all versions of Windows, including Windows XP.

If you’ve been infected by ransomware like Cryptowall, what should you do?

First, do not pay the ransom. There’s no guarantee your files will be decrypted, and you only prove to the programmers of this malicious virus that their work is profitable.

Second, don’t panic. Call us at PNSolutions – we’re security experts, and we can help you through the difficult process of cleaning up your computer or computer system and recovering your files from backups.

If you’re not infected, how can you protect yourself?

The steps to protect yourself from Cryptowall are the same we recommended when Cryptolocker came along:

  • Keep your security software up to date. Updated software can catch new threats.
  • Never click on an unexpected email link or attachment – even if the message appears to be from someone you know. Call the sender to confirm the email. If you can’t confirm it, don’t click on it.
  • Be careful when clicking on advertisements on websites. If it seems suspicious or is promising something too good to be true, don’t click on it.
  • Back up your files regularly – preferably off site. Not sure how to do this? PNSolutions can help.

If you’re worried about the security of your computer or computer network, don’t hesitate to call us. We’re happy to consult with you, evaluate your network, and recommend solutions to make your network more secure.

Comments are closed.