Tuesday 21 July 2015

CryptoWall - A very dangerous form of RansomWare

Unfortunately, we recently had a client who was infected by the CryptoWall virus.
The client had all data (docs, audio, video, pictures, etc.) encrypted, so it could not be opened. The internet browser then came up with a message saying everything was encrypted, and to pay a ransom to decrypt all the files.
We were able to remove the virus, but had to resort to a backup to restore all of their files. It is currently impossible to decrypt the files.

The malware can get onto your computer through a fake email or a website. By email, it arrives as an attachment, possibly appearing to come from a contact you know, or in a fake email from a company that you might be a part of.
Any website can be hacked, and then any visitor going to that website can be infected.
So make sure that you know who the email is from and that you're expecting an attachment from them, that you know what website you're visiting and that it's safe, and that you don't click on ads, pop-ups, etc.

This type of malware is very dangerous because it encrypts all of the files on your computer without you knowing, then prompts you to pay a ransom to decrypt them.
A message will pop up in your Internet browser asking you to pay a ransom within a limited time; thereafter the ransom will increase.
The malware writers also use specific networks and payment types to maximize their anonymity.

The malware targets specific file types, like your Word documents, photos, graphics, audio, video and even some backup types.
It doesn't touch your Windows directory, so you can still use the computer normally; you just won't be able to open any files you have created or saved.
Any new documents you make will be encrypted instantly as well, unless the virus has been removed.

Removing the virus is possible, and will prevent any future data files from being encrypted, but it won't decrypt the data that has already been encrypted.
Unfortunately, without paying the ransom and hoping the criminals decrypt your files, it is currently impossible for anyone or anything to decrypt them.
The only solution is to restore from a backup.
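After the virus has been removed, it helps to know which files actually need to come back from the backup. The Python script below is an added example, not taken from the original post: it walks a folder and lists files whose first bytes no longer match what their extension should start with. It assumes the damaged files kept their original extensions; the header table, function names and sample files are constructed for illustration.

```python
import os
import tempfile

# Header bytes expected for some file types the post lists (illustrative, not complete).
MAGIC = {
    ".jpg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".pdf": b"%PDF-",
    ".docx": b"PK\x03\x04",
}

def find_damaged(root, skip_dirs=("windows",)):
    """Return sorted paths under root whose first bytes do not match their extension."""
    damaged = []
    for folder, subdirs, files in os.walk(root):
        # The post notes the Windows directory is left alone, so skip it.
        subdirs[:] = [d for d in subdirs if d.lower() not in skip_dirs]
        for name in files:
            expected = MAGIC.get(os.path.splitext(name)[1].lower())
            if expected is None:
                continue  # type not in the table: cannot judge
            path = os.path.join(folder, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(len(expected))
            except OSError:
                continue  # unreadable file: not judged here
            if head and head != expected:  # empty files are ignored
                damaged.append(path)
    return sorted(damaged)

def make_sample_tree(root):
    """Constructed sample data: two intact files, two with overwritten content."""
    samples = {
        "photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,
        "report.pdf": b"%PDF-1.4\n",
        "invoice.docx": bytes(range(7, 39)),
        "holiday.png": b"\x5a\x13\x9c" * 8,
        os.path.join("Windows", "logo.png"): b"not checked",
    }
    for rel, data in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        make_sample_tree(tmp)
        print(find_damaged(tmp))
```

A mismatch only shows that a file is no longer a valid file of its type, so treat the output as a list of files to check and restore rather than as proof of encryption.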

So as you can see, it is very, very important to back up all your data onto an external hard drive, or to the cloud, that isn't always connected to your computer.

The best way to prevent this from happening is to make sure you have a good, always up-to-date antivirus, the latest Windows Updates installed, and a regular backup.


To read the full story on how this very dangerous malware works, see: https://blog.fortinet.com/post/cryptowall-another-ransomware-menace
