(also CryptoWall ransomware)
Cryptowall is a malicious program that encrypts a user’s data, making it impossible to access, and then demands a ransom payment in cryptocurrency to restore it. Since its discovery in 2014, multiple versions of Cryptowall have been introduced, each with stronger encryption and added features. Typically, Cryptowall reaches systems through phishing emails, malicious downloads, or exploit kits.
- Cryptowall 2.0: This version introduced advanced RSA-2048 encryption, making the encryption harder to crack and files harder to recover without paying the ransom.
- Cryptowall 3.0: This variant added I2P network support for communication, making it more challenging for authorities to trace and shut down its command-and-control servers.
- Cryptowall 4.0: The latest version further obfuscates its code and includes a more sophisticated payment system, making it even harder for victims to avoid paying the ransom.
Protecting against Cryptowall
- Keep software and the operating system up to date so that vulnerabilities cannot be exploited.
- Regularly back up data to an external storage device or cloud storage.
- Never click on suspicious links or download attachments from unknown sources.