Alert: Cryptowall 2.0 Ransomware is Causing Major Problems

New cyberthreats are always emerging. Being aware of the latest cybercrime developments is the way to go if you don’t want to put your company and your business plan in danger. There’s a significant new threat that you should know about. It’s called Cryptowall 2.0 and it has the capacity to cause a whole lot of havoc in your network.

One of the newer online threats is known as ‘spear-phishing’. Conventional phishing consists of sending out mass emails in the hope that the recipient will reveal personal information after clicking links in the message or install malware on their computer after opening attachments. Spear-phishing does something similar but, instead of being sent to thousands of people, attacks are targeted at individuals, so that they look like authentic communications.

Cryptowall (also sometimes called Cryptolocker) targets people who don’t screen their incoming mail. The malware is concealed in zipped folders or PDF files that masquerade as business-related communications such as bills, invoices, purchase orders or complaint records.

Cryptowall 2.0 is a more advanced version of a previous scam called Cryptowall ransomware, which could encrypt your data. This paved the way for ransom demands in return for being able to decrypt it. It used to be quite easy for tech professionals to get their original files back, but the new version makes it much harder to do this, so people are forced to pay up to get their data restored. Unlike the previous version, the new Cryptowall can now irreversibly delete your original files after they’ve been encrypted, making it impossible to recover them.

The new version of Cryptowall uses unique wallet IDs for the victims to send the ransom. The previous version didn’t use unique IDs, so some victims were able to take the payments made by other victims. That’s a bit of a kick in the teeth to other sufferers, but it did allow people to get their data back without paying anything.

Another innovation is the use of TOR gateways, so the cybercrime operators can take the payment without being traced. It used to be possible to blacklist the payment servers, stopping the money from reaching its destination. Losing that option makes the updated scam a lot more dangerous.

Few companies can keep operating if their data is unavailable, so you need to protect yourself. Constant vigilance is essential to combat cybercrime. There are some basic things to do to avoid disaster:

  • Never open files that come from email addresses you don’t recognize. If you don’t open them then there’s no way your network or computer can be infected. Only opening files from trusted sources is a simple but absolutely crucial preventive measure.
  • No matter how tempting it seems, or how urgent it looks, never click on links in emails before thinking about where the link comes from and where it might take you. Don’t think you’ll just have a quick peep. Once you’ve clicked the link the damage is probably done.
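
The screening of incoming attachments described above can be partly automated at the mail gateway. The sketch below is an added example, not code from this article or from any product: the extension lists, function names and the sample message are assumptions constructed for illustration, and the article does not say which file types the ZIP lures actually contain.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

RISKY_EXT = {"exe", "scr", "js", "vbs", "com", "pif", "bat", "cmd"}  # assumed policy, not from the article
DOC_EXT = {"pdf", "doc", "docx", "xls", "xlsx", "txt"}               # assumed document types

def risky_name(name):
    """Return why a file name looks like a program (e.g. invoice.pdf.exe), or None."""
    parts = name.lower().rsplit("/", 1)[-1].split(".")
    if len(parts) < 2 or parts[-1] not in RISKY_EXT:
        return None
    return "double extension" if parts[-2] in DOC_EXT else "executable extension"

def scan_zip(data):
    """Yield findings for the members of a ZIP held in memory (nothing is extracted)."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if risky_name(info.filename):  # names stay readable even when contents are encrypted
                    yield risky_name(info.filename) + " in archive: " + info.filename
                elif info.flag_bits & 0x1:     # encrypted member: contents cannot be scanned
                    yield "encrypted member: " + info.filename
    except zipfile.BadZipFile:
        yield "malformed ZIP"

def screen_message(raw_bytes):
    """Return (attachment name, finding) pairs for one raw e-mail message."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        fname = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        if risky_name(fname):
            findings.append((fname, risky_name(fname)))
        if data[:4] == b"PK\x03\x04":  # ZIP local file header magic
            findings.extend((fname, f) for f in scan_zip(data))
    return findings

def build_sample():
    """Constructed message: an 'invoice' ZIP whose only member is harmless text named like a program."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Invoice_2291.pdf.exe", b"harmless placeholder")
    m = EmailMessage()
    m["Subject"] = "Overdue invoice"
    m.set_content("Please see the attached invoice.")
    m.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="Invoice_2291.zip")
    return m.as_bytes()
```

Calling `screen_message(build_sample())` returns one finding for `Invoice_2291.zip`; a real gateway would quarantine such a message rather than deliver it.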

If you do fall prey to a Cryptowall 2.0 or another malware or ransomware attack, Quikteks is here to help. Our security consultants can also help you to prepare your business to protect against future cyberthreats. Call Quikteks at (973) 882-4644 for further assistance.