What is Ransomware?
Every year, hundreds of thousands of businesses and individuals around the world are targeted by ransomware. Ransomware is malware that a hacker introduces into the victim’s computer for data kidnapping: the hacker encrypts the victim’s data and demands a payment in exchange for the decryption key.
Ransomware is sent through e-mail attachments, compromised websites and infected software programs or apps. Let’s quickly go through the approach used by attackers to extort money from their victims.
First, once the malware has been successfully introduced into the system and the victim finds that their files can no longer be opened, the victim receives an email or a ransom note from the hacker. The hacker demands a reasonably small amount of money in exchange for a private key. He warns the victim that the private key will be destroyed if the ransom is not paid in time, in which case the files would be lost forever.
Another mode of attack is to inform the victim that unlicensed software or illegal web content has been found on their computer and to threaten to report them to the police unless a fine is paid within a fixed time.
The hacker also makes money by selling anti-ransomware software on legitimate websites as he knows that the victim would come looking for them. So there are multiple ways for a hacker to make money through ransomware.
To protect yourself from ransomware, make it a point to back up your data on a regular basis. If an attack occurs, don’t pay the ransom; instead, format the hard disk and restore the data from the backup.
What is CryptoWall 4.0?
CryptoWall 4.0 is the most notorious example of ransomware which has targeted businesses and individuals around the world, through both sporadic and concentrated attacks. Many have lost millions of dollars to CryptoWall 4.0.
CryptoWall 4.0 is a classic ransomware. It encrypts the files on a victim’s computer, following which a ransom is demanded to decrypt the files. Owners can regain control of the files by paying the ransom within a deadline as demanded by the hacker.
CryptoWall 4.0 follows in the footsteps of the very successful CryptoWall 3.0, which is rumored to have extorted over $325 million from victims around the world. CryptoWall 4.0 is stealthier and even more sophisticated, with an advanced antivirus detection system. It is very difficult to track this deadly ransomware, and there is little that the victim can do.
As cyber security expert Nathan Scott explains, “Sometimes with ransomware, the user is lucky and the malware does not remove restore points or fails to and you can restore the system to a date before the ransomware infection and restore it as if it never happened. 4.0 ensures this isn’t an option.”
“They run their model like a business and it’s very straightforward how it works. They know if they screw over too many people, they’re not getting paid. They go out of their way to make sure victims get the files back,” Mr. Scott adds.
The FBI considers CryptoWall to be “the most current and significant threat targeting U.S. individuals and businesses.” CryptoWall 4.0 not only encrypts the files, it encrypts the file names too. This ensures that the victim panics and has no time to think about a solution.
It also uses new techniques to avoid getting detected by cyber security tools. It is very hard for victims to know what’s being done to them till they realize to their horror that they cannot open any files on their computer.
The malware is usually sent as a Word doc. It is disguised as an invoice or a business document, but it is actually a JavaScript executable that launches the ransomware on the victim’s computer.
Is there a way to protect yourself from CryptoWall 4.0?
Yes – don’t download or open email attachments that you don’t trust or whose source you don’t know much about. Configure your system to automatically block the download of an executable file if it is being done without your explicit permission. Install top-rated security firewalls and anti-virus software on your computer such as Norton, McAfee or Avast. Finally, back up your files on a regular basis.
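One way to automate the attachment check described above, for an attachment that is named like a Word document but is really a script: the Python sketch below is an added example, not code from this article or from any security product. The function name check_attachment, the extension lists and the sample files are assumptions made for illustration.

```python
import os

# Extensions Windows runs directly or passes to a script host (assumed blocklist).
SCRIPT_EXTS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".wsh", ".hta", ".exe", ".scr"}
# Document-style extensions commonly used as the "inner" half of a double extension.
DOC_LIKE = {".doc", ".docx", ".docm", ".pdf", ".xls", ".xlsx"}
# Leading bytes of a genuine Word file: OLE2 container (.doc) or ZIP (.docx/.docm).
# Anything else carrying a Word extension is flagged, including RTF renamed to .doc.
OLE2 = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"
ZIP = b"PK\x03\x04"
WORD_MAGIC = {".doc": OLE2, ".docx": ZIP, ".docm": ZIP}


def check_attachment(filename, content):
    """Return the reasons to block an attachment; an empty list means no finding."""
    reasons = []
    # Windows ignores trailing dots and spaces, so strip them before looking at the extension.
    name = filename.strip().lower().rstrip(". ")
    stem, ext = os.path.splitext(name)
    inner_ext = os.path.splitext(stem)[1]
    if ext in SCRIPT_EXTS:
        reasons.append("script-or-executable-extension")
        if inner_ext in DOC_LIKE:
            reasons.append("double-extension")
    if ext in WORD_MAGIC and not content.startswith(WORD_MAGIC[ext]):
        reasons.append("word-extension-content-mismatch")
    return reasons


# Constructed sample attachments: (file name, first bytes of the file).
SAMPLES = [
    ("Invoice_2015.doc.js", b"var a = 1;"),       # script posing as an invoice
    ("invoice.doc", b"var a = 1;"),               # Word name, script content
    ("report.docx", ZIP + b"\x00" * 16),          # genuine ZIP-based document
    ("minutes.doc", OLE2 + b"\x00" * 16),         # genuine OLE2 document
]

if __name__ == "__main__":
    for sample_name, data in SAMPLES:
        findings = check_attachment(sample_name, data)
        verdict = "BLOCK" if findings else "allow"
        print(f"{sample_name:22} {verdict:6} {', '.join(findings)}")
```

A check like this belongs at the mail gateway or in a download filter, where a non-empty result quarantines the file before a user can open it.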