Crypto Ransomware Family grows: what you need to know about CryptoWall trojan

CryptoWall is the new an improved version of ransomware such as CryptoBit, Cryptolocker, and CryptoDefense.

Read previously posted “Beware of Cryptolocker Trojan Ransomware” for more screenshots and tips on how to identify and rid of the ransomware.

Ransomware is a type of a malicious software that takes over your computer system and restricts access to your files and folders, by way of encryption, until you make an online ransom payment to the malware maker.

Screenshot of CryptoWall ransomware message
Screenshot of CryptoWall ransomware message

7 Quick facts about CryptoWall

  1. CryptoWall is a ransomware that is an improved version of “Crypto” malware family, a superior extension of Cryptolocker. It is affecting a variety of end users, businesses, and IT consultants.
  2. CryptoWall targets all versions of Windows including Windows XP, Windows Vista, Windows 7, and Windows 8
  3. CryptoWall is most likely to spread through websites by using malicious advertisements on well-known domains, such as The Guardian, Disney or Facebook.
  4. Like other forms of ransomware, CryptoWall encrypts the local files on end user’s computer system until a ransom is paid.
  5. To arrange for a ransom payment, CryptoWall displays a graphic file that instructs the user to access a payment site that can be used to send in the money through the Tor network (Anonymity Online project). It only accepts the Bitcoins for payment.
  6. Ransom $ amount starts at approximately $200.00 and goes up with time, and may reach 3x times the amount if ransom not paid before the clock stops ticking.
  7. There is no proven guarantee that paying ransom will result in restoring your data – just remember that if you choose to pay the ransom.

What if your system is already infected with ransomware?

If CryptoWocker malware infection occurs in your Computer Network and its payment demand page is already popped-up and running, you can try using a good anti-virus tool such as Sophos Free Virus Removal Tool  to remove it and clean up the system, but the Virus Removal Tool cannot decrypt your scrambled files – the contents are unrecoverable without the key. 

If you choose not to pay the ransom you may as well delete unrecoverable files.

When infection occurs, it may be necessary to have your entire environment restored from a clean backup. Should this take place, you may loose some recent work performed after the last backup and may be unable to access your environment while the infection is researched and removed.

Don’t want to get hit by ransomware? Be Proactive!

Make sure to have a good anti-virus system in place (may we recommend ESET). Keep it up-to-date, make sure it does not expire and leave you unprotected – and update virus definitions on time, making sure it protects you from the latest threats.

powersolution.com practices in depth defense utilizing multiple anti-malware layers and vendors; however, no vendor can guarantee 100% effectiveness against all malware. End-user behavior is essential in the fast-evolving fight with malware.

We are committed to providing continued excellent support to meet your business needs. Please contact powersolution.com with any questions.

 

How is your state of IT? Call Us: (855) 551-7760 with any questions.