CryptoWall Infecting Computers
A new and "improved" variant of the CryptoWall ransomware has been infecting computers worldwide in the past few days. The new CryptoWall 3.0 uses a localised
ransom message and passes traffic to a website. There the victims pay for the decryption key needed to unlock their files through anonymous networks.
CryptoWall is a file-encrypting type of threat, which once activated, encrypts certain files on the infected machine and demands a fine ($500) for the required decryption key. The ransom is to be paid in Bitcoin digital currency, within 168 hours.
If infected, all MS Office documents, PDF files, JPEG and other media files can be encrypted. The restore process is complex takes around 24 hours.
This threat is not detected by anti-virus programs. The latest Windows security updates supposedly prevent the infection, but things change rapidly in this environment. It is strongly recommended clients ensure Windows securities updates are current on their client machines, and contact the Finrea office if you need assistance or guidance with this.
Please be particularly vigilant about internet security. Do not open emails from unknown sources or with suspicious attachments. Visit only mainstream websites, avoiding image banks and the like.
Please report any suspicious computer system behaviour to Finrea as soon as possible.