Security Update: Malware CryptoWall 3.0

As a business we’re sure you take security seriously like we do, so we wanted to make you aware of an ongoing security threat.

After an absence of a few months, the CryptoWall file-encrypting ransomware program has returned. Attackers have started distributing the new version, CryptoWall 3.0, which encrypts files on your PC and then directs you to a website with instructions on how to unlock the files in exchange for a “ransom” payment. All versions of Windows, including Windows XP, Windows 7, Windows Vista and Windows 8, are its targets.

The threat is downloaded through other malware or by clicking a link in a spam email with a file name similar to Fax-<randomnumber>.zip or incoming_wire_report.zip.

If your files have been encrypted you will see a message similar to the one below:

[Image: CryptoWall ransom message]

Once CryptoWall 3.0 is on your PC it starts scanning your files and begins to encrypt them so that you are no longer able to open them. The file encryption routine creates a new instance of explorer.exe to gain local admin privilege.

Even if the ransom is not paid, the cybercriminals can still make money by stealing existing Bitcoin wallets or by selling and using any stolen information. So it is imperative to ensure your system and files are rigorously protected.

How to avoid the CryptoWall threat:

The importance of keeping your system up to date with security patches, malware protection software, mail filtering software and anti-virus software cannot be overstated when your business is at stake. Following these security best practices helps minimise the risk from a virus.

With ransomware identified as a growing threat, we’d like to make you aware of the best security practices. To avoid this threat it is essential to keep an eye out for emails containing suspicious Dropbox links that inform the user of a new voicemail or incoming fax report.
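The two lures described in this post (ZIP attachments named like Fax-<randomnumber>.zip or incoming_wire_report.zip, and Dropbox links themed as a voicemail or fax report) can be checked for at the mail gateway. The sketch below is an added example, not RMS code or part of any product named here; the Dropbox URL pattern, the keyword list, the `triage` and `sample` helper names and the sample messages are all assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage

# Attachment names quoted in the post: Fax-<randomnumber>.zip, incoming_wire_report.zip
LURE_ATTACHMENT = re.compile(r"^(fax-\d+|incoming_wire_report)\.zip$", re.I)
# Assumption: "Dropbox link" means a URL on dropbox.com or dropboxusercontent.com
DROPBOX_LINK = re.compile(r"https?://(?:[\w-]+\.)*dropbox(?:usercontent)?\.com/\S+", re.I)
# Assumption: keywords standing in for the "new voicemail" / "incoming fax report" lure
LURE_THEME = re.compile(r"\b(voice\s?mail|fax)\b", re.I)

def triage(raw_message: str) -> list[str]:
    """Return the reasons a message should be quarantined (empty list = no match)."""
    msg = message_from_string(raw_message, policy=policy.default)
    reasons = []
    text = [str(msg.get("Subject", ""))]
    for part in msg.walk():
        name = part.get_filename()
        if name:
            # Any part carrying a filename is treated as an attachment
            if LURE_ATTACHMENT.match(name.strip()):
                reasons.append(f"lure attachment name: {name}")
        elif part.get_content_maintype() == "text":
            text.append(part.get_content())
    joined = "\n".join(text)
    # A Dropbox link alone is common in business mail; require the lure theme too
    if DROPBOX_LINK.search(joined) and LURE_THEME.search(joined):
        reasons.append("Dropbox link with voicemail/fax theme")
    return reasons

def sample(subject, body, attachment=None) -> str:
    """Build a constructed test message (not real captured mail)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "sender@example.com", "user@example.com", subject
    m.set_content(body)
    if attachment:
        m.add_attachment(b"PK\x03\x04", maintype="application",
                         subtype="zip", filename=attachment)
    return m.as_string()

if __name__ == "__main__":
    for raw in (
        sample("Incoming fax", "See attached.", "Fax-48213.zip"),
        sample("New voicemail", "Listen: https://www.dropbox.com/s/EXAMPLE/message.zip"),
        sample("Q1 report", "Files at https://www.dropbox.com/s/EXAMPLE/q1.pdf", "report.zip"),
    ):
        print(triage(raw) or "no match")
```

Because the post describes the file names only as "similar to" these, a match is one signal to use alongside the gateway's other filtering rather than a complete rule.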

Furthermore, we always suggest backing up your data on a regular basis so you can easily restore without having to pay the ransom.

This ransomware is particularly nasty because infected users are in danger of losing their personal files forever. So never has it been more relevant to highlight the importance of regular security updates. Virus writers and hackers are constantly coming up with new and inventive ways to attack their targets.


But security experts are also working tirelessly to anticipate and respond to new types of attacks. Be sure to regularly check for software updates to keep your files safe. It is also critical that businesses become educated on prevention measures to best protect themselves from falling victim to rising security threats.

To conclude, users can protect their important data by regularly backing up their files. Additional practices include never opening attachments from unknown or unverified senders and instead ignoring or deleting these emails. Security protection starts with educating your employees and raising the awareness of the significance of these best practices.

Finally it is important to invest in security solutions that can protect against the latest threats. If you’re looking for email filtering software that gives you reassurance your mail is being securely delivered then Max Mail-Security may be the solution for your business. This comprehensive software aims to secure your network against email-borne threats through a unique combination of technologies.

Follow these security best practices and don’t let the attackers get the best of your business.

For further information, please don’t hesitate to contact RMS.

Disclaimer: RMS accepts no liability for the content of this blog or for the consequences of any actions taken on the basis of the information provided. While every caution has been taken to provide our readers with most accurate information and honest analysis, please use your discretion before making any decisions based on the information in this blog. The author therefore does not accept liability for any errors or omissions in the contents of this blog. 08/04/2015, RMS (Scotland) Ltd.
