CryptoWall 3.0 is file-encrypting ransomware that encrypts the personal documents found on the victim’s computer using an RSA-2048 key (AES CBC 256-bit encryption algorithm). CryptoWall 3.0 then displays a message offering to decrypt the data if a payment of $500 (rising to $1,000 after 7 days) is made within 96 hours; otherwise the data will be destroyed. The ransom must be paid in Bitcoins and sent to a Bitcoin address that changes per infected user.
It is easy to disinfect the computer but very tough to recover your files. The last chance is to recover from backup or by using data recovery methods.
The CryptoWall 3.0 virus is distributed through several means. Malicious websites, or legitimate websites that have been hacked, can infect your machine through exploit kits that use vulnerabilities on your computer to install this Trojan without your permission or knowledge.
Another method used to propagate this type of malware is spam email containing infected attachments or links to malicious websites. Cyber-criminals spam out an email, with forged header information, tricking you into believing that it is from a shipping company like DHL or FedEx. The email tells you that they tried to deliver a package to you, but failed for some reason. Sometimes the emails claim to be notifications of a shipment you have made. Either way, you can’t resist being curious as to what the email is referring to – and open the attached file (or click on a link embedded inside the email). And with that, your computer is infected with the CryptoWall 3.0 virus.
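One way to triage the fake-delivery e-mail described above, as an added example (not code from the original article): it flags a message that names a shipping company while the sender domain is not that company's, whose Reply-To points to a different domain, or which carries a risky attachment. The brand-to-domain map, the extension list and the sample message are assumptions constructed for illustration, and the findings are hints for a human reviewer, not a verdict.

```python
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumed allow-list of sender domains per impersonated brand (extend as needed).
BRAND_DOMAINS = {"dhl": ("dhl.com",), "fedex": ("fedex.com",)}
# Assumed set of attachment types that can carry or launch code.
RISKY_EXT = (".exe", ".scr", ".js", ".jar", ".zip", ".docm")

def addr_domain(value):
    """Lower-cased domain of the first address in a header value ('' if none)."""
    return parseaddr(str(value or ""))[1].rpartition("@")[2].lower()

def triage(raw):
    """Return the reasons a raw message resembles the fake-delivery lure."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    display = parseaddr(str(msg.get("From", "")))[0]
    from_dom = addr_domain(msg.get("From"))
    claimed = f"{display} {msg.get('Subject', '')}".lower()
    for brand, domains in BRAND_DOMAINS.items():
        legit = any(from_dom == d or from_dom.endswith("." + d) for d in domains)
        if brand in claimed and not legit:
            findings.append(f"names {brand} but sender domain is {from_dom}")
    reply_dom = addr_domain(msg.get("Reply-To"))
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            findings.append(f"risky attachment {name}")
    return findings

def build_sample(sender, reply_to=None, attachment=None):
    """Construct a test message (constructed data, not a captured sample)."""
    m = EmailMessage()
    m["From"], m["To"] = sender, "user@example.com"
    m["Subject"] = "We could not deliver your package"
    if reply_to:
        m["Reply-To"] = reply_to
    m.set_content("Delivery failed. Please open the attached label.")
    if attachment:
        m.add_attachment(b"PK", maintype="application", subtype="zip", filename=attachment)
    return m.as_string()

if __name__ == "__main__":
    lure = build_sample("FedEx Delivery <notice@mail.example.net>",
                        "claims@example.org", "label.zip")
    for reason in triage(lure):
        print("FLAG:", reason)
```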
The threat may also be downloaded manually by tricking the user into thinking they are installing a useful piece of software, for instance a bogus update for Adobe Flash Player or another piece of software.
Steps to protect your computers
New variants of CryptoWall are not detected even by the latest antivirus solutions, as they target zero-day vulnerabilities, and hence nobody is 100% secure against the ransomware threat. A zero-day vulnerability is a security hole in software (such as browser software or operating system software) that is not yet known to the software maker or to antivirus vendors.
We have jotted down a few points to help you reduce the risk of infection to your computer and network.
- Set up a network password for your router
- Set up a password for your computer
- Separate your administrative account from your day-to-day computer account
- Make sure you have the latest Windows updates installed on your computer
- Make sure your organisation has antivirus, anti-spyware and anti-spam programs set up for each computer and each user
- Educate users not to be tempted by offers of free software, music, videos and movies. Ask your trusted IT advisor before downloading and using any software
- It is a good idea to keep your office computer away from your casual browsing at home
The most important piece of advice from us is to make sure you have backups. We recommend that you get Cloud Backup, or at least that your backup drive is removed and not connected to your computer after the backup is completed.
Our Free Network Analysis and Security Assessment will provide you the information you need to secure your critical data at no obligation to you!