Bitcoin Bitcoin Ransomware CryptoWall is Back With Improvements
Jp Buntinx · @http://twitter.com/jdebunt | Nov 26, 2015 | 09:55
Bitcoin ransomware has been a new type of malware attacking computers and networks all over the world. By decrypting all important file extensions, and forcing the device owner to pay a ransom in bitcoin to decrypt the files, assailants have found a new way to abuse the popular digital currency for nefarious acts. Even though it looked like this threat was “under control” for a brief while, a new version of CryptoWall is making the rounds.
Also read: Kraken And Crypto-Related Domains Victim To DDOS Attacks
CryptoWall 4.0 Still Extorts Users For Bitcoin
Unfortunately, the latest version of the CryptoWall ransomware has not removed the option for infected users to pay in Bitcoin. In fact, several “improvements” have been made in this latest version, including vastly improved communications, and a better design code to exploit even more vulnerabilities than before.
The latest version of CryptoWall first surfaced at the beginning of November 2015, and it has since become part of the Nuclear exploit kit. For those who have never heard that name before, the Nuclear exploit kit is one of the top potent exploit kits available through underground hacker marketplaces.
Previous attempts to distribute CryptoWall 4.0 were made through traditional methods, such as phishing emails and malicious spam. Despite several warnings by security researchers every year, most of these malware and ransomware infections occur by opening unsolicited email messages. However, now that infecting machines can be done through the Nuclear exploit kit, CryptoWall 4.0 has become more dangerous than ever before.
Computers running the Windows operating system will remain the target of choice for hackers looking to infect devices with CryptoWall 4.0. Windows remains the most commonly used operating system in the world, giving assailants plenty of targets to choose from when spreading CryptoWall 4.0.
But there is a major difference between CryptoWall 4.0 and its previous iterations. Instead of solely encrypting the data within certain files, CryptoWall 4.0 will encrypt the file names themselves as well. Once a computer has been infected with the latest version of this ransomware, there is very little the user can do other than paying the money or formatting the computer.
Adding To Bitcoin’s Negative PR Image
Even though Bitcoin as a currency is not at fault for the CryptoWall ransomware or its distribution, the association with these types of attacks will not do the digital currency’s PR image any favors. Mainstream media has been spewing headlines regarding how Bitcoin is bad and used for various nefarious activities all over the world.
However, the creators and users of CryptoWall are sadly mistaken in thinking that Bitcoin ransom payments are anonymous, and cannot be traced back to its recipient. However, Bitcoin payments are anything but anonymous, and anyone in the world can track down the Bitcoin address where the funds end up in.
What are your thoughts on CryptoWall 4.0? Are you worried it will infect your machine, and if so, which precautions are you taking? Let us know in the comments below!
Source: The Hacker News
Images courtesy of Shutterstock, SeedSpark
The Rundown
