Russian Hackers Are Behind CryptoWall 4.0
December 28, 2015
By Bitdefender Guest Blog 1
CryptoWall 4.0 spam servers are located in Russia, according to ongoing analysis by Bitdefender’s anti-malware team. The malware, written in JavaScript, downloads the CryptoWall component from a Russian server.
The investigation also reveals that the encryption algorithm used is AES-256. The AES key is then encrypted using RSA-2048; the second algorithm is most likely applied only to the key because it is resource-intensive.
Targeted countries we have identified so far include France, Italy, Germany, India, Romania, Spain, United States, China, Kenya, South Africa, Kuwait and the Philippines. Russian users seem to be safe. The malware doesn’t proceed with the encryption process if it detects Russian as a keyboard language.
How to Prevent Getting Infected
Following in the footsteps of its predecessors, CryptoWall has become a financial success for its creators. Recent numbers show that CryptoWall 3.0 caused an estimated $325 million in damages in the United States alone. Its high turnaround prompted other cyber criminal groups to write new code that uses more sophisticated encryption algorithms. Therefore, it’s becoming harder for anti-virus/anti-malware vendors to crack the code and come up with a solution.
It’s critical that MSPs provide an anti-virus/anti-malware solution that is highly effective against these advanced threats. The independent security testing organization AV Comparatives ran an extensive trial to determine which anti-virus/anti-malware solution performed best against advanced zero-day threats. Bitdefender was ranked No. 1 in these tests, blocking 99.8 percent of the zero-day attacks with only one false positive over a three-month period.
Guest blogs such as this one are published monthly and are part of MSPmentor’s annual platinum sponsorship.