The Electronic Crime Investigation Directorate informs citizens about the "CryptoWall" malicious software
This malware is aimed at paying money as a ransom, with a digital currency of "bitcoin”, in order to “unlock” – decrypt digital files and data on the computers of individual users or corporate networks.
CryptoWall malware from the "crypto-malware" family can affect all versions of operating systems and primarily spread through e-mail
In recent days, the phenomenon is in full swing with hundreds of reports of corporate network infections
The Electronic Crime Prosecution Division of the Hellenic Police informs the citizens of the reappearance of the "CryptoWall" malware in our country.
This software, which is an evolution of the known "Cryptolocker" malware, is one of Crypto-Malware's digital threats and can affect all versions of the operating system.
In particular, malicious software spreads - is transmitted when we visit insecure or "infected" websites, appearing as a supposedly legitimate update of popular applications. However, in most cases, "CryptoWall" spreads through "infected" emails.
More specifically, after installing it on the operating system, this malicious software, using a sophisticated encryption system, "locks" all digital files and data (various types of files, for example: * .doc, * .docx, * .xls , * .ppt, * .psd, * .pdf, * .eps, * .ai, * .cdr, * .jpg, etc.) stored on the computer of the user who is "infected" by the virus, while in order to "unlock" its files, they must be paid a ransom because they otherwise become inaccessible to their user.
CryptoWall software is available at 3η its edition from January 2015 worldwide and special mention is made that both for the current version, as for the previous one (v2.0), while there are solutions available to remove the malware itself, there is no known way to decrypt the files, due to the very strong encryption (2048-bit RSA key) used.
This malware also has the capability to "self-distribute" over the local network and encrypt the files of each system it accesses. This feature makes this possible extremely dangerous in corporate networks where spreading can be rapid.
The payment of the amount of money is made through an anonymous program tours, using the digital currency "bitcoin" (BTC), following a message displayed to the user, with hints and instructions for payment.
Internet users and, in particular, corporate network administrators are advised not to pay the money requested from CryptoWall in order to discourage such illegal practices as well as to prevent the spread of the phenomenon, and they should be particularly careful and take action digital protection and security to prevent malicious software from compromising.
Specifically:
-
Users who receive emails from unknown senders or unknown sources are requested not to open the links and not download the attachments contained therein for which they are not sure about the sender and the contents of the attachment file. In addition, users must be extremely suspicious of the emails that sender seems to be a service or company that is not known to them.
-
It is recommended to type the web page addresses (URLs) into the browser (browser), instead of using hyperlinks.
-
Use genuine software programs and update them regularly, and there must always be an up-to-date computer virus protection program.
-
Verify and keep up-to-date the version of their operating system.
-
Back up your files at regular intervals, to external storage, so that in case of "malware" malware can be restored.
-
Particular attention to regular and secure backup is recommended to corporate network administrators because copies are the only way to restore the files as a whole.
It is recalled that for similar incidents or for clarification-advice, citizens can contact the Electronic Crime Prosecutor's Office at the following contact details:
-
By phone: 210-6476464 or 11188
-
Sending e-mail to: ccu@cybercrimeunit.gov.gr
-
Via the application (application) for smart phones (smartphones) with iOS operating system - Android: CYBERKID
-
Via Twitter "SOS Cyber Alert Line": @cyberalertGR.