Cryptowall 3.0 attacking Australian businesses: Stay Smart Online

08.07.2015
A new variant of the ransomware, known as Cryptowall, is believed to be attacking Australian businesses, according to the Australian Government initiative, Stay Smart Online.

It claimed attacks using Cryptowall 3.0 encrypt files, and the malicious individuals behind the malware demand payment for the key that enables the user to decrypt the files. Stay Smart Online indicated these payments can range from a few hundred dollars to more than $10,000.

It stated, in a statement that Cryptowall 3.0 uses an exploit kit capable of attacking vulnerabilities in Adobe Reader, Adobe Flash, Internet Explorer, Java, and Silverlight. Most computers run at least one of these programs.

Once attacked, the victim's computer is redirected to the ransomware download page on Google Drive, where the malware is automatically installed on the user's computer. The ransomware then searches for various files on your computer, in particular Microsoft Word documents.

The ransomware then encrypts these documents, deletes the originals, and alerts the victim that they need to pay a ransom to get their files back.

"While there have been reports that files are recovered if the ransom is paid, this does not protect your computer against further attacks. The attacker may simply encrypt your files again. For this reason, responding to extortion is not encouraged," it stated in the statement.

Stay Smart Online has advised businesses to protect their existing computer systems and ensure that critical data is backed up to limit the damage caused by an attack.

Read more:Intel Security launches new Microsoft Office 365 Channel Kit

"You need to ensure that you do not browse suspicious sites, install untrusted programs from the Internet, or open email or social media attachments from unknown or untrusted sources. You can also ensure that updates for all of your programs are installed automatically as soon as they are available. In addition, ensure that you have an up-to-date antivirus solution running," it claimed.

But if a computer has been compromised, it suggested the user report the incident to the Australian Cybercrime Online Reporting Network (ACORN), an agency that provides information on how to recognise and avoid common forms of cybercrime and offers advice to those who have fallen victim.

Read More:

(www.arnnet.com.au)

Hafizah Osman

Zur Startseite