Cryptowall is a new strain of Cryptolocker. So strong in fact that the FBI’s Assistant Special Agent in Charge of the FBI’s CYBER and Counterintelligence Program, Joseph Bonavolonta, normally advises those who have fallen for phishing attacks that release and encrypt storage with cryptowall laden ransomware, to “just pay the ransom”.
A later released statement from the Bureau explains what the options are for businesses that are affected and how it’s up to individual companies to decide for themselves the best way to proceed. That is, either revert to back up systems, contact a security professional, or pay.
It was discovered that over 4,000 malware samples relate to CryptoWall 3.0 and well over 800 URLs of Command & Control servers. The area most targeted was the USA, likely because it is a target-rich environment. Around half of all CryptoWall victims were American. Past transactions and the amount of Bitcoin in the central and lower tier wallets show that the group has made around $325 million.
The evil genius behind both ransomware strains is FBI’s most wanted list of cybercriminals: Russian hacker Evgeniy Bogachev. Bogachev, the authorities believe, was responsible for operating both GameOver Zeus which captures banking credentials and then authorize transfers from their accounts and CryptoLocker which together have infected hundreds of thousands of machines.
Prevention is the best security, learn about phishing techniques and keep a clean machine. Both interrupt the kill chain at the start.