We've been posting about malware for quite some time now software CryptoWall or Crypto-Wall. Readers of SecNews.gr already know that this is another ransomware that encrypts the data of its victims demanding a ransom for their recovery.
Today, the UN has issued a communication on this malware.
Here are the following:
The Electronic Crime Investigation Directorate informs citizens about malware «Crypto-Wall»
The malicious software Crypto-Wall aims to pay money as a "ransom" in order to unlock - decrypt digital files and data to ordinary users or corporate networks
The malware of the "crypto-malware" family can affect all versions of operating systems and primarily spread through e-mail
In recent days, the phenomenon is booming with many reports of corporate network infections
The Greek Police's Electronic Crime Prosecution Directorate is informing citizens about the continued occurrence of malicious software in our country "CryptoWall».
This software is a digital threat to Crypto-Malware, and can affect all versions of the operating system.
In particular, Crypto-Wall malware infects a computer in two main ways, through infected emails, containing maliciously attached files and through malicious or infected web pages.
More specifically, after installing it in the operating system, using an advanced encryption system, it encrypts - locks all digital files and data (various file types, indicatively: * .doc, * .docx, * .xls, * .ppt, * .psd, * .pdf, * .eps, * .ai, * .cdr, * .jpg, etc.) stored on the computer of the infected user, while to unlock their files, they must be paid (ransom), otherwise they are inaccessible to their user.
Software is running on 3η released since January 2015 worldwide and it is noted that for both the current and the previous version - while there are solutions available for its removal - it is not possible to decrypt the files, due to the very strong encryption (2048-bit / 4096-bitRSAkey) used.
This malicious software (Crypto-Wall) has the ability to self-distribute through the local network and to encrypt the files of each system it accesses. This feature makes it extremely dangerous in corporate networks where dissemination can be rapid.
Payment is made through an anonymous browser using the bitcoin (BTC) digital currency, a message displayed to the user, with instructions and instructions for payment.
Καλούνται οι χρήστες του διαδικτύου και ιδιαιτέρως οι διαχειριστές των εταιρικών δικτύων να μην πληρώνουν τα χρήματα που ζητούνται, προκειμένου να αποθαρρύνονται τέτοιες παράνομες πρακτικές καθώς και για να μην εξαπλωθεί το φαινόμενο, ενώ θα πρέπει να είναι ιδιαίτερα προσεκτικοί και να λαμβάνουν μέτρα ψηφιακής protections and better safetys to avoid malware infection.
Specifically:
-
users who receive emails from unknown senders or unknown sources are requested not to open the links and not download the attachments contained therein for which they are not sure about the sender and the contents of the attachment file.
-
In addition, users must be extremely suspicious of emails that as a sender appear to be a service or company that is not known to them,
-
it is recommended to type the addresses of the web pages (URL) to the browser (browser) rather than using hyperlinks (left-wing),
-
to use genuine software programs and to update them regularly, and there must always be an up-to-date computer protection program (antivirus)
-
to check and keep up-to-date the version of their operating system,
-
να δημιουργούνται αντίγραφα security of files (backup) at regular intervals in an external storage medium so that in the event of a "malware" attack, it can be restored,
-
Particular attention to regular and secure backups is recommended for corporate network administrators as backups are the only way resetof the files as a whole.
It is reminded that citizens can contact the Electronic Crime Prosecution Directorate of the Hellenic Police Force Headquarters for incidental occurrences or to provide clarification - advice, to the following contact details:
-
By phone: 11188
-
Sending e-mail to: ccu@cybercrimeunit.gov.gr
-
Through the implementation (application) for smart mobiles (smartphones): CYBERKID
-
Twitter: @CyberAlertGr