Follow Shaun Linkedin Facebook
Email Shaun Email
Technology
Jan 1, 2016

Ransom Price Rises: CryptoWall 4.0

Sponsored Content provided by Shaun Olsen - CEO & Founder, CloudWyze

In an article a few months ago, we told you about the price being paid by businesses hit with the new ransomware Trojan virus called CryptoLocker. It’s devastating in that it encrypts your files and forces you to pay heavily to get them returned, unencrypted.

Now, a clone has arisen in its most disturbing version yet: CryptoWall 4.0.

This version started appearing extensively in November, with a redesigned ransom note and new filenames. Taking the pain further, it now encrypts a file's name along with its data. 

The folks at Bleepingcomputer.com posted about their members being infected by what was being called the help_your_files ransomware, but it turned out to be this new version of CryptoWall.

You know you’ve been infected when you open certain files and the correct program is opened but the information isn’t displayed properly. An error message also may pop up when opening infected files, or you may find three files appearing at the root of directories containing CryptoWall-encrypted files:

  • DECRYPT_INSTRUCTION.txt
  • DECRYPT_INSTRUCTION.html
  • DECRYPT_INSTRUCTION.url
Clicking on any CryptoWall-infected file will lead you to instructions for making ransom payment. This is when you need to decide: make the payment, or attempt to reconstruct your system. Typically, the ransom amount begins at $500, and the countdown timer notes the three days in which you must make payment to the requestor – and then the fee doubles. But paying the ransom is a significant effort, requiring payment in Bitcoin.  

Note that CryptoWall, like CryptoLocker, is reasonably easy to remove with the right tools, but the files held for ransom remain encrypted after the program’s removal. According to TechRepublic, some victims claimed that paying the ransom did not always lead to the files being decrypted.

What should you do to avoid this hijacking?
  1. Back Up. The only way to be sure that your files can be restored without paying the fee is to have a clean backup. If you have any questions about what to do to be sure your backup is working and that you’re optimizing the automation, give us a call and we’ll help. But don’t simply restore a good backup onto an infected machine. This is complex stuff. Call in the surgeon before trying to cut off your own leg.
     
  2. Don’t Open Spam. Look, we know the temptation of a face cream that makes you look 20 years younger, but don’t click on that ad. If you don’t know the person sending the email, don’t open it. If a friend sends you a social media post that in any way seems odd, just ignore it. CryptoWall threats typically arrive through spam emails, malicious ads or compromised sites. Get serious about how you and your employees use the Internet – and don’t get lured in.
Viruses are so pervasive that you’re bound to be infected at some point. We suggest that you take this seriously, and get as much armor between you and the culprits as possible. This Trojan will not be the last.

Shaun Olsen is the CEO and president of CloudWyze. CloudWyze was created to help businesses focus and perform at their optimal level by crafting and executing custom technology plans for businesses of every type and size. To learn more about CloudWyze, visit www.CloudWyze.com. Shaun can be reached at [email protected] or (910) 795-1000.

Other Posts from Shaun Olsen

Bizjournalad300×250px
Ico insights

INSIGHTS

SPONSORS' CONTENT
Jane

The Childcare Cost Dilemma

Jane Morrow - Smart Start of New Hanover County
Burrus rob headshot 300x300

Spreading Wings for Flight: 2nd Annual Trade Show Highlights the Ingenuity of UNCW Business Students

Robert Burrus - Cameron School of Business - UNC-Wilmington
Tommytaylor ceo unitedway

How Philanthropy Fits Into Your Financial Plan

Tommy Taylor - United Way

Trending News

Conservation Group Signs $8M Deal To Buy The Point On Topsail Island

Audrey Elsberry - Mar 26, 2024

National Organization Bestows Top Award On Cape Fear Professional Women In Building

Staff Reports - Mar 26, 2024

Engineering Firm Hires Four Employees

Staff Reports - Mar 26, 2024

N.C. Ports Officials React To Baltimore Bridge Collapse

Audrey Elsberry - Mar 26, 2024

NCino's Fourth-quarter Earnings Signal Rebound From Liquidity Crisis

Audrey Elsberry - Mar 27, 2024

In The Current Issue

Park Progress

The planning for Pender Commerce Park began in the early 2000s when the county wanted to create an economic driver on its largely rural west...


Expanding Tastes On Castle Street

As John Willse and Beth Guertin, owners of Wilmington Wine bottle shop and now the recently opened Creative Tastings restaurant on Castle St...


Hacking Cyberdefense Shortage

A shortage of cybersecurity professionals influenced professor Ulku Clark and her team to slowly evolve UNCW’s offerings to now include eigh...

Book On Business

The 2024 WilmingtonBiz: Book on Business is an annual publication showcasing the Wilmington region as a center of business.

Order Your Copy Today!


Galleries

Videos

2023 Power Breakfast: Major Developments