Security: CryptoWall 4.0 in the wild

The fourth version of the CryptoWall ransomware has landed in the wild, equipped with better evasion techniques and tactics to thwart antivirus protection and detection.

Ransomware attacks computers and encrypts user files and folders via infected email attachments, with attackers demanding ransom payments to unlock the scrambled documents.

Users are told to make the payment by a specific deadline or risk having the private key to unlock the files deleted.

The active CryptoWall ransomware spawned from CryptoLocker, which is thought to have extorted more than $3 million from victims before the botnet used to distribute it – Gameover Zeus – was taken down last year.

To avoid getting caught by CryptoWall, we recommended keeping systems up to date, maintain regular backups and educating users to  avoidin emails with attachments sent by unknown senders, and using products that can detect and block recent ransomware variants.