Beginning in 2013, CryptoLocker, a new variety of malicious software known as ‘ransomware’ began making headlines. This software, which is typically installed unintentionally by a user, begins to automatically encrypt files on a user’s computer and shared network drives rendering it inaccessible. After encrypting as much critical data as possible, the software then demands payment in exchange for a private key that will decrypt the files making it usable again.
Thankfully, authorities were able shut down one of the parties involved in the development of this software earlier this year. However, on October 1, 2014 a new variant of malware known as ‘CryptoWall 2.0’ began circulating in the same fashion. With this new version, changes have been made to the malware to make this variant significantly more difficult defend against. This version utilizes an anonymous network known as TOR to attempt to hide the malicious parties involved from authorities.
Much like the original CryptoLocker virus, this version is typically distributed through fake emails that may appear to be legitimate. Since the fake emails continue to appear as exceptionally convincing, it is recommend that extreme care be taken when handling messages from any source, especially when clicking on links or attachments.
Beware Legitimate Looking Emails
Often times, legitimate looking emails (such as an email with tracking information from that package you never ordered) contain links or attachments designed to trick a user into installing a virus. One of the best defenses against these types of attacks is to question any email with an attachment or link.
With that being said, having a fully functional, reliable backup system has only increased in importance. Restoring from backups is often the only way to recover from one of these incidents in the unfortunate event an infection occurs.
Awareness Not Anti-virus Software
While anti-virus software exists to catch viruses that have already been found in public, a common way attackers defeat this is to make minor changes to their software. This has become so common that these changes easily slip past almost every anti-virus product and are usually made within the hour to keep the bad guys one step ahead.
In the end, it is ultimately awareness more than anti-virus software that will help to keep infections of this malware from spreading.
Have you been hit by CryptoWall 2.0? What are some questions you might have? Tell us in the comments section and we’ll get back to you with an answer!