Follow Shaun Linkedin Facebook
Email Shaun Email
Technology
Jan 1, 2016

Ransom Price Rises: CryptoWall 4.0

Sponsored Content provided by Shaun Olsen - Founder, CloudWyze

In an article a few months ago, we told you about the price being paid by businesses hit with the new ransomware Trojan virus called CryptoLocker. It’s devastating in that it encrypts your files and forces you to pay heavily to get them returned, unencrypted.

Now, a clone has arisen in its most disturbing version yet: CryptoWall 4.0.

This version started appearing extensively in November, with a redesigned ransom note and new filenames. Taking the pain further, it now encrypts a file's name along with its data. 

The folks at Bleepingcomputer.com posted about their members being infected by what was being called the help_your_files ransomware, but it turned out to be this new version of CryptoWall.

You know you’ve been infected when you open certain files and the correct program is opened but the information isn’t displayed properly. An error message also may pop up when opening infected files, or you may find three files appearing at the root of directories containing CryptoWall-encrypted files:

  • DECRYPT_INSTRUCTION.txt
  • DECRYPT_INSTRUCTION.html
  • DECRYPT_INSTRUCTION.url
Clicking on any CryptoWall-infected file will lead you to instructions for making ransom payment. This is when you need to decide: make the payment, or attempt to reconstruct your system. Typically, the ransom amount begins at $500, and the countdown timer notes the three days in which you must make payment to the requestor – and then the fee doubles. But paying the ransom is a significant effort, requiring payment in Bitcoin.  

Note that CryptoWall, like CryptoLocker, is reasonably easy to remove with the right tools, but the files held for ransom remain encrypted after the program’s removal. According to TechRepublic, some victims claimed that paying the ransom did not always lead to the files being decrypted.

What should you do to avoid this hijacking?
  1. Back Up. The only way to be sure that your files can be restored without paying the fee is to have a clean backup. If you have any questions about what to do to be sure your backup is working and that you’re optimizing the automation, give us a call and we’ll help. But don’t simply restore a good backup onto an infected machine. This is complex stuff. Call in the surgeon before trying to cut off your own leg.
     
  2. Don’t Open Spam. Look, we know the temptation of a face cream that makes you look 20 years younger, but don’t click on that ad. If you don’t know the person sending the email, don’t open it. If a friend sends you a social media post that in any way seems odd, just ignore it. CryptoWall threats typically arrive through spam emails, malicious ads or compromised sites. Get serious about how you and your employees use the Internet – and don’t get lured in.
Viruses are so pervasive that you’re bound to be infected at some point. We suggest that you take this seriously, and get as much armor between you and the culprits as possible. This Trojan will not be the last.

Shaun Olsen is the CEO and president of CloudWyze. CloudWyze was created to help businesses focus and perform at their optimal level by crafting and executing custom technology plans for businesses of every type and size. To learn more about CloudWyze, visit www.CloudWyze.com. Shaun can be reached at [email protected] or (910) 795-1000.

Other Posts from Shaun Olsen

Cloudwyze web ad 4131595451
Ico insights

INSIGHTS

SPONSORS' CONTENT
Atromitos micheallegady headshot

Recognizing Women-Owned Small Businesses

Michealle Gady - Atromitos
Chris coudriet

A Public Service Profile on Capital Projects and County Facilities

Chris Coudriet - New Hanover County Government
Natalieenglish headshot

Chamber Members Must Use Their Voice During Elections by Voting for Pro-business, Pro-jobs Candidates

Natalie English - Wilmington Chamber of Commerce

Trending News

Auction Set For 'one-of-a-kind' Wrightsville Beach Home, Priced At Nearly $14M

Cece Nunn - Dec 2, 2022

Live Oak Bancshares Announces Upcoming Switch To NYSE

Jenny Callison - Dec 2, 2022

Film Festivals Make A Comeback

Laura Moore - Dec 2, 2022

UNCW Prepares To Launch Online Supply Chain Master's Degree

Johanna F. Still - Dec 2, 2022

Retirement U-Turn

Jenny Callison - Dec 2, 2022

In The Current Issue

Back To School At Any Age

Amy Keith returned to UNCW in 2009, this time as a program coordinator at OLLI, which focuses on lifelong learning for people 50 and older....


Local Port Volumes Remain Strong

As consumer spending remains persistent in the face of rising interest rates and pessimistic economic forecasts, a consistent stream of good...


Film Festivals Make A Comeback

Area film festivals took a hit when the COVID pandemic was at its peak, but their organizers expect lessons they learned about the importanc...

Book On Business

The 2022 WilmingtonBiz: Book on Business is an annual publication showcasing the Wilmington region as a center of business.

Order Your Copy Today!


Galleries

Videos

Trying to Grow a Business?
2020 Health Care Heroes
2020 WilmingtonBiz 100