Beware of Cryptowall!

A new and nasty bug is making its way around the globe. The infection is technically a variant of malware known as “ransomware”: it encrypts your files and holds them hostage. The only way to get the files back is to pay a ransom, which is anywhere from $300 to $1200. However, we have seen some users pay the ransom but never receive their information.

How dangerous is Cryptowall?

  • Cryptowall is indiscriminate and silent. Since the program encrypts any files on any drive it can see, it can easily destroy the accounting files on your network drives as well as the family pictures stored (inadvisably) on your employees’ work laptops.
  • In addition, it is particularly nasty as it deletes Windows restore points and shadow copies in an effort to give you no option but to pay the ransom.
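
For IT administrators, the shadow copy deletion described above is something you can watch for in process-creation logs. The following is an added example, not part of the original article: the command patterns are common ways of removing shadow copies or disabling recovery (the article does not say which method Cryptowall uses), and the log format, host names and accounts are constructed for illustration.

```python
import re

# Assumption: commands commonly used to remove shadow copies or disable
# Windows recovery. The article does not say which method Cryptowall uses.
RULES = [
    ("vssadmin delete shadows", re.compile(r"\bvssadmin(?:\.exe)?\b.*\bdelete\s+shadows\b", re.I)),
    ("wmic shadowcopy delete", re.compile(r"\bwmic(?:\.exe)?\b.*\bshadowcopy\b.*\bdelete\b", re.I)),
    ("bcdedit recoveryenabled no", re.compile(r"\bbcdedit(?:\.exe)?\b.*\brecoveryenabled\s+no\b", re.I)),
]

# Hypothetical account allowed to prune shadow copies (e.g. a backup job).
# Anything run under it is skipped, so keep this list short and monitored.
ALLOWED_USERS = {"CORP\\svc-backup"}

# Constructed process-creation records: time|host|user|command line
SAMPLE_LOG = r"""
2024-01-10T09:14:02|WS-ACCT-07|CORP\jsmith|"C:\Windows\System32\vssadmin.exe" Delete Shadows /All /Quiet
2024-01-10T09:14:03|WS-ACCT-07|CORP\jsmith|bcdedit /set {default} recoveryenabled No
2024-01-10T09:20:41|WS-HR-02|CORP\akhan|vssadmin list shadows
2024-01-10T23:00:00|FS-01|CORP\svc-backup|vssadmin delete shadows /for=D: /oldest
2024-01-11T08:02:17|WS-HR-02|CORP\akhan|wmic.exe shadowcopy delete
""".strip().splitlines()


def find_recovery_tampering(lines, allowed_users=ALLOWED_USERS):
    """Return one alert dict per log line that matches a rule."""
    alerts = []
    for line in lines:
        parts = line.split("|", 3)
        if len(parts) != 4:  # skip malformed records
            continue
        time, host, user, cmd = parts
        if user in allowed_users:
            continue
        for name, pattern in RULES:
            if pattern.search(cmd):
                alerts.append({"time": time, "host": host, "user": user, "rule": name})
                break
    return alerts


if __name__ == "__main__":
    for a in find_recovery_tampering(SAMPLE_LOG):
        print(f'{a["time"]} {a["host"]} {a["user"]}: {a["rule"]}')
```

Read-only commands such as `vssadmin list shadows` and the allowed backup account are not flagged; an ordinary user account deleting shadow copies on a workstation is.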

How does Cryptowall work?

  • Cryptowall tricks users into opening a file or visiting a link that is infected.
  • Once the user opens the file or visits the website, Cryptowall encrypts the files on the hard drive and on any attached hard drive, rendering them unusable. The links may point to Dropbox, and the emails may appear to be UPS or FedEx delivery reports, wire transfers, or payroll information.
  • Users are then given the option to pay $300 – $1200 to get their information back.

Examples of Cryptowall.

  • Email attachments disguised as voice mail messages or incoming faxes.
  • Links pointing to Dropbox.
  • Emails purporting to be UPS or FedEx delivery reports.
  • Emails containing wire transfer or payroll information.

How to avoid Cryptowall?

  1. Keep your anti-virus up to date.
  2. Patch common applications such as Adobe Reader, Java and Silverlight.
  3. NEVER open unknown attachments or emails from unknown senders. Delete the message and report it to your IT administrator.
    • See a fax from a service you didn’t know you had? Don’t open it!
    • A voice mail message you don’t recognize? Don’t open it!
    • A Dropbox link from a bank? Don’t open it!

Think you have an infected computer?

  1. Immediately turn off your computer.
  2. Cross your fingers and toes.
  3. Contact an IT professional.