CryptoWall 4.0

CryptoWall 4.0 – Don’t get held to ransom!

Written on November 12, 2015 at 09:32 PM By Emily Gam

It’s not only the rich and powerful who need to be vigilant against ransom demands; you do too!

The latest version of CryptoWall ransomware has gone viral and it’s nastier and smarter than ever. The 4th version of CryptoWall has better evasion techniques and tactics to elude antivirus programs.

If you haven’t heard of ransomware before, you need to be aware of it now. Ransomware attacks your computer through infected email attachments, encrypts your files and folders, and demands ransom payments to regain access.

If you don’t make a payment by a specific deadline, you are threatened with the loss of all your data, or with having it published online for the world to see.

Previous CryptoWall versions began spreading here in Australia in late 2014. It still uses emails to gain access to your computer but is now cloaking itself as emails from Government Agencies. The agencies most targeted are the Australian Tax Office and Australia Post.

CryptoWall 4.0 is still using the ruse of Government Agency emails to gain access to your files but is now far harder for even the best antivirus programs to detect. It now also alters file names so you don’t know which files have been encrypted and which haven’t. This tactic is designed to confuse and panic people and increases CryptoWall’s ‘success’ rate.

We have had success with retrieving and unlocking files encrypted by CryptoLocker but prevention is still the most effective defence against this type of ransomware.

To help prevent this happening to your business we recommend you and your staff:

- Refrain from visiting social media sites or clicking on links in them whilst using any corporate machines, especially on a terminal server

- Refrain from previewing and reading personal email sites whilst on corporate machines, especially on a terminal server

- Turn off preview mode in Outlook, and do not open any emails that are from an unexpected or unknown source; delete them, especially if the subject is “Important Documents” or something similar. If you do manage to open one of these emails, do NOT click on any “Click Here” icons or Internet links in the body of the email

- If you have a warning message popup saying your files have been encrypted and demanding payment, or if you are unable to open an office document in your home folder or on one of your network drives, please stop what you are doing and contact your IT provider or reach out to our team

We also recommend following some of the main Government Agencies (ATO, Australia Post) on social media as they will advise people if they become aware of any scams being sent from fake Government email addresses.

CryptoWall really is a wolf in sheep’s clothing, and trust us, you don’t want to get bitten!

If you’re worried about the online security of your business, check out our Virtual CIO service: http://www.strategicgroup.net.au/consulting/
