CryptoWall surpasses CryptoLocker in infection rates http://www.scmagazine.com/cryptowall-surpasses-cryptolocker-in-infection-rates/article/368920/
CryptoWall 2.0 Available in the Wild, Has New Obfuscator http://news.softpedia.com/news/CryptoWall-2-0-Available-In-the-Wild-Has-New-Obfuscator-460927.shtml
Oh Great! Not. "CryptoWall ransomware variant has new defenses CryptoWall, one of a family of malware programs that encrypts files and demands a ransom from victims, has undergone a revamp that is frustrating security researchers...." http://www.pcworld.com/article/2867132/cryptowall-ransomware-variant-has-new-defenses.html
Dunno, but I tend to doubt it. Bitdefender has a free download that is said to block CryptoWall 1 and 2. Bitdefender Anti-CryptoWall can keep an eye on your computer and block known encryption methods used by CryptoWall. No installation is required, so you just have to launch it in order to activate its protection mechanism. Aside from real-time anti-ransomware protection, this application integrates an immunization technique that prevents executables in the 'AppData' and 'Startup' folders from launching. http://labs.bitdefender.com/projects/cryptowall-vaccine-2/bitdefender-offers-cryptowall-vaccine/ CryptoWall is totally insidious. You can only pay the ransom in Bitcoins, which most peeps don't know how to do, and if you don't pay within a certain amount of time the ransom doubles.
Thanks for the info about Bitdefender Anti-CryptoWall; I'll have a look at it. Note that Hitman Pro Alert is designed to block encrypting ransomware. I'm checking in that thread to see if it's effective against this latest variant of CryptoWall. As for the insidiousness of CryptoWall I would agree; every effort must be made to avoid the problem.
Good question. I've asked in the HMPA thread about effectiveness against this new variant of CryptoWall. We could also ask there about whether or not using the Bitdefender app would increase protection.
Most paid AV | AS vendors have stand-alone removal tools and protection in place. http://virusradar.com/en/Win32_Filecoder/detail http://virusradar.com/en/Win32_Filecoder.NCC/description
I use BDIS, which I like. Duh, why else .... Anyways, started using BD Anti-CryptoWall a few weeks ago. Can't remember the name, but around 6 months ago I tried to install another BD standalone (don't remember) but BDIS popped up & said I'm covered already with BDIS. Nonsensical to me why BD Anti-CryptoWall isn't included with BDIS.
I've been searching ESET's Virus Radar site and have found additional stand-alone removal tools that are available to anyone that may need them. http://virusradar.com/en/tools/cleaners All under the "Filecoder" category
I installed this in a VM. It looks like all it does is prevent executables in %AppData% and %Startup% from running. Is that really enough to stop CryptoWall? Edit: CryptoPrevent monitors many additional locations: http://www.softpedia.com/get/Security/Security-Related/CryptoPrevent.shtml
Removal is the least of the problem, don't you think? It has to be blocked in real time to prevent execution/encryption.
Yup, but it helps to have these tools handy, would you not agree? Most paid AV | AS vendors now offer some level of protection from ransomware.
Agreed! By the way, ironically, after someone has been successfully attacked by encrypting ransomware, if they use an antimalware to remove it, it may also make it impossible to pay the ransom; a diabolical situation.
The last thing you would do is pay the ransomware pirates. Your data is only as good as your last rescue CD | Boot media | rescue media | recovery options | disk imaging media options | etc. Most paid AV | AS vendors now have 24/7 assistance for these situations, and as I said already, there is protection in place via daily updates to your running software.
I read some stupid article lately, can't remember where though. The author unabashedly/idiotically advised his mother to pay the ransom, I think $500, by Bitcoin. She ran around trying to find how & where to pay by BC. The service fee and/or conversion rate changed, so less than $500 was paid. So the ransom was raised. Mom explained & cried to the ransomer and got them to send the decryption key. Never once were offline backups mentioned. If the author was in front of me I would have punched him & spit in his face.