Watch Out For Cryptowall 4.0 – New Ransomware Released
Watch our for the new ransomware – CryptoWall 4.0
Ransomware is continuing to be a problem and with each new ‘version’ released on the internet, the more vicious it becomes.
Like the previous version, CryptoWall 3.0, CryptoWall 4.0 is delivered through email and websites that have been compromised. You can read about CryptoWall 3.0 in our blog here.
CryptoWall 4.0, although very similar to its predecessor, goes one step further. Not only does it encrypt common files on the computer and deletes the original files, and prompts the user to pay a ransom in order to decrypt their files, this version will also encrypt file names.
Ransomware makes itself known – it is hard not to when you receive a message on the screen asking you to pay a ransom to decrypt your files, and your files are actually encrypted. This particular version is sneakier, and can bypass many security tools that are built to detect such viruses and malware.
The ransom being sought is also different to previous CryptoWall versions. 4.0 recommends “purchasing the software package” and using Bitcoin currency to do so.
If you suspect you have a virus or malware, whether you believe it is ransomware or not, we high recommend you shut down your computer as soon as possible, contact us at Forerunner or bring your computer straight in so we can take a look.
- Do not open attachments (especially ZIP, PDF and DOC files) received via email if you are not expecting them.
- If you are expecting an email with an attachment, still be very wary when opening it. Check the email address it was sent from, subject etc, just to check it is the email you were expecting and not one that looks similar.
- If you receive any emails from people you don’t know or they simply look suspicious, DELETE them.
- Avoid visiting websites that you don’t regularly visit or trust.
- Ensure you regularly back up all your data on your computer.
- Keep your back up drive(s) disconnected and away from your computer.
- If you open a file on your folder and are alerted to any pop up messages, or anything saying it is corrupted, call the Forerunner Team immediately.
- If you notice file names changing without you manually changing them yourself, disconnect the computer from the network and call the Forerunner Team immediately.
For more information on CryptoWall 4.0, visit: http://www.bleepingcomputer.com/news/security/cryptowall-4-0-released-with-new-features-such-as-encrypted-file-names/