Follow Shaun Linkedin Facebook
Email Shaun Email
Technology
Jan 1, 2016

Ransom Price Rises: CryptoWall 4.0

Sponsored Content provided by Shaun Olsen - CEO & Founder, CloudWyze

In an article a few months ago, we told you about the price being paid by businesses hit with the new ransomware Trojan virus called CryptoLocker. It’s devastating in that it encrypts your files and forces you to pay heavily to get them returned, unencrypted.

Now, a clone has arisen in its most disturbing version yet: CryptoWall 4.0.

This version started appearing extensively in November, with a redesigned ransom note and new filenames. Taking the pain further, it now encrypts a file's name along with its data. 

The folks at Bleepingcomputer.com posted about their members being infected by what was being called the help_your_files ransomware, but it turned out to be this new version of CryptoWall.

You know you’ve been infected when you open certain files and the correct program is opened but the information isn’t displayed properly. An error message also may pop up when opening infected files, or you may find three files appearing at the root of directories containing CryptoWall-encrypted files:

  • DECRYPT_INSTRUCTION.txt
  • DECRYPT_INSTRUCTION.html
  • DECRYPT_INSTRUCTION.url
Clicking on any CryptoWall-infected file will lead you to instructions for making ransom payment. This is when you need to decide: make the payment, or attempt to reconstruct your system. Typically, the ransom amount begins at $500, and the countdown timer notes the three days in which you must make payment to the requestor – and then the fee doubles. But paying the ransom is a significant effort, requiring payment in Bitcoin.  

Note that CryptoWall, like CryptoLocker, is reasonably easy to remove with the right tools, but the files held for ransom remain encrypted after the program’s removal. According to TechRepublic, some victims claimed that paying the ransom did not always lead to the files being decrypted.

What should you do to avoid this hijacking?
  1. Back Up. The only way to be sure that your files can be restored without paying the fee is to have a clean backup. If you have any questions about what to do to be sure your backup is working and that you’re optimizing the automation, give us a call and we’ll help. But don’t simply restore a good backup onto an infected machine. This is complex stuff. Call in the surgeon before trying to cut off your own leg.
     
  2. Don’t Open Spam. Look, we know the temptation of a face cream that makes you look 20 years younger, but don’t click on that ad. If you don’t know the person sending the email, don’t open it. If a friend sends you a social media post that in any way seems odd, just ignore it. CryptoWall threats typically arrive through spam emails, malicious ads or compromised sites. Get serious about how you and your employees use the Internet – and don’t get lured in.
Viruses are so pervasive that you’re bound to be infected at some point. We suggest that you take this seriously, and get as much armor between you and the culprits as possible. This Trojan will not be the last.

Shaun Olsen is the CEO and president of CloudWyze. CloudWyze was created to help businesses focus and perform at their optimal level by crafting and executing custom technology plans for businesses of every type and size. To learn more about CloudWyze, visit www.CloudWyze.com. Shaun can be reached at [email protected] or (910) 795-1000.

Other Posts from Shaun Olsen

Bizjournalad300×250px
Ico insights

INSIGHTS

SPONSORS' CONTENT
Mcwhorter 0005

We Are Now in the Entrepreneur Economy

Heather McWhorter - UNCW Center for Innovation and Entrepreneurship
2022052 75 142344351

Elevating Wilmington: Why a New, Taller Bridge is Essential for Our Progress

Natalie English - Wilmington Chamber of Commerce
Untitleddesign12

Supporting Early Career Mental Health: A Guide for Employers

Trending News

Tech Wilmington: Upcoming Events Calendar

Staff Reports - Feb 5, 2025

Vantaca Hires Four Executives With Decades Of Scale-up Experience

Staff Reports - Feb 4, 2025

NCino Appoints New CEO

Staff Reports - Feb 3, 2025

City Leaders Approve Special Use Permit For Midtown Pickleball Facility

Emma Dill - Feb 5, 2025

Workforce Housing Panel: Some Steps Taken, But Problem Getting Worse

Emma Dill - Feb 4, 2025

In The Current Issue

Small Business Spotlight: Business Owner Goes Out On A Limb

This month's Small Business Spotlight focuses on Tree Nerds, a tree service that opened last year....


NCino Aims To Make Most Of AI

The rapid pace of technological development combined with a stream of regulations and requirements from the federal government has been stre...


Tourism Chief Notes Ongoing Trends

While air travel expansions flourished, some industry indicators began to lag in 2024, and tourism officials expect a "leveling off" trend t...

Book On Business

The 2024 WilmingtonBiz: Book on Business is an annual publication showcasing the Wilmington region as a center of business.

Order Your Copy Today!


Galleries

Videos

2024 Power Breakfast: The Next Season