Follow Shaun Linkedin Facebook
Email Shaun Email
Technology
Jan 1, 2016

Ransom Price Rises: CryptoWall 4.0

Sponsored Content provided by Shaun Olsen - Founder, CloudWyze

In an article a few months ago, we told you about the price being paid by businesses hit with the new ransomware Trojan virus called CryptoLocker. It’s devastating in that it encrypts your files and forces you to pay heavily to get them returned, unencrypted.

Now, a clone has arisen in its most disturbing version yet: CryptoWall 4.0.

This version started appearing extensively in November, with a redesigned ransom note and new filenames. Taking the pain further, it now encrypts a file's name along with its data. 

The folks at Bleepingcomputer.com posted about their members being infected by what was being called the help_your_files ransomware, but it turned out to be this new version of CryptoWall.

You know you’ve been infected when you open certain files and the correct program is opened but the information isn’t displayed properly. An error message also may pop up when opening infected files, or you may find three files appearing at the root of directories containing CryptoWall-encrypted files:

  • DECRYPT_INSTRUCTION.txt
  • DECRYPT_INSTRUCTION.html
  • DECRYPT_INSTRUCTION.url
Clicking on any CryptoWall-infected file will lead you to instructions for making ransom payment. This is when you need to decide: make the payment, or attempt to reconstruct your system. Typically, the ransom amount begins at $500, and the countdown timer notes the three days in which you must make payment to the requestor – and then the fee doubles. But paying the ransom is a significant effort, requiring payment in Bitcoin.  

Note that CryptoWall, like CryptoLocker, is reasonably easy to remove with the right tools, but the files held for ransom remain encrypted after the program’s removal. According to TechRepublic, some victims claimed that paying the ransom did not always lead to the files being decrypted.

What should you do to avoid this hijacking?
  1. Back Up. The only way to be sure that your files can be restored without paying the fee is to have a clean backup. If you have any questions about what to do to be sure your backup is working and that you’re optimizing the automation, give us a call and we’ll help. But don’t simply restore a good backup onto an infected machine. This is complex stuff. Call in the surgeon before trying to cut off your own leg.
     
  2. Don’t Open Spam. Look, we know the temptation of a face cream that makes you look 20 years younger, but don’t click on that ad. If you don’t know the person sending the email, don’t open it. If a friend sends you a social media post that in any way seems odd, just ignore it. CryptoWall threats typically arrive through spam emails, malicious ads or compromised sites. Get serious about how you and your employees use the Internet – and don’t get lured in.
Viruses are so pervasive that you’re bound to be infected at some point. We suggest that you take this seriously, and get as much armor between you and the culprits as possible. This Trojan will not be the last.

Shaun Olsen is the CEO and president of CloudWyze. CloudWyze was created to help businesses focus and perform at their optimal level by crafting and executing custom technology plans for businesses of every type and size. To learn more about CloudWyze, visit www.CloudWyze.com. Shaun can be reached at [email protected] or (910) 795-1000.

Other Posts from Shaun Olsen

Cloudwyze web ad 4131595451
Ico insights

INSIGHTS

SPONSORS' CONTENT
Katiebraskett web

September 2022 Freight Market Update

Katie Braskett - MegaCorp Logistics
Headshotrosaliecalarco 1182131047

Identity Theft Awareness

Headshot1 2162265156

The Guiding Principles of a Credit Union

Sarah Stone - Excite Credit Union

Trending News

Surgery Practice Buys Cameron Land To Build New Facility

Cece Nunn - Mar 17, 2023

Endowment CEO Outlines Strategic Plan Framework

Jenny Callison - Mar 17, 2023

In The Current Issue

Volunteers Tackle Taxing Challenges

Every year, dozens of individuals in the Cape Fear area undergo many hours of training and then dedicate themselves to multiple weeks of pub...


Game On? The Ins And Outs Of A Potential Leland Minor League Baseball Team

Financing and revenues are key to a minor league team’s sustainability....


Hospital Officials Talk Layoffs, Growth

During a WilmingtonBiz Talk interview conducted live on Facebook by Business Journal editor Vicky Janowski on the day of that anniversary, t...

Book On Business

The 2023 WilmingtonBiz: Book on Business is an annual publication showcasing the Wilmington region as a center of business.

Order Your Copy Today!


Galleries

Videos

2022 Power Breakfast: Wilmington's Most Intriguing People - George Taylor