Ransomware is (Still) Here – Cryptowall 4 Vaccine “Fix”

Cryptowall, the now-infamous encryption malware that locks files for ransom, has been updated. Known as Cryptowall 4, the ransomware infects Windows machines, encrypts files, and demands users cough up crypto-cash to unlock their documents. The new variant, thought to have been developed by Russian hackers, makes it even harder to crack the files by scrambling file names. While Cryptowall remains by far one of the most common ransomware families, its success has given rise to new families and variants.

Users are tricked into opening a zipped attachment from a spam campaign, which contains a malicious file, triggering an executable payload.

Cryptowall encrypts your files and holds them ransom until you pay for a decryption key

Once installed, the ransomware encrypts files, making it almost impossible to regain access, and scrambles file names, making it harder for victims to know which files are which. System restore points are also erased, taking away the option of returning to a previously saved state.

The malware mocks the user, congratulating them on becoming “a part of large community,” according to BleepingComputer, which first detailed the changes.

Cryptowall uses bitcoin for payment

The ransomware uses bitcoin as the means of payment, which, as in previous versions, is handled by a centralized Tor-based command-and-control server that stores the decryption keys, making the attackers almost impossible to trace.

Ransomware hits thousands every week, and costs users $18 million in losses, according to estimates from the FBI. Other figures suggest the Cryptowall family alone has generated about $325 million in bitcoin ransoms.

It is critical for CEOs and CIOs to minimize the risk of any virus. Here are some common-sense steps to take:

  • Keep regular backups: This will mitigate the damage done by file-encrypting ransomware.
  • Install the Bitdefender vaccine. The tool can be downloaded for free from its site, but it does not undo the damage if the malware has already infected a machine, and it applies only to the latest Cryptowall 4 malware. Be aware as well that this software can bluescreen some systems.
  • Keep anti-virus up to date

Cryptowall Vaccine

Source: ZDNet

