CryptoWall 4.0 users have discovered that Russian users are spared any encryption after the malware is deployed onto their system. This is because the ransomware checks to determine which keyboard is being used, and when Russian is detected as the language, the ransomware kills itself before encryption.
This news comes as no big surprise to anyone, as it has always been known that the attackers were Russian, at least the spam servers, targeting mainly the US and Europe. However, everyone is equally susceptible to encrypting ransomware.
The encrypting ransomware may appear slightly different, but in reality, it is the same as the rest. It encrypts your files from a phishing email, holding them ransom for bitcoin payment. The encryption is done using a GPG Tool, which is an open source encryption tool that appends the file extension to “.vault”
This variant is based off of the “freebie” structure, allowing 4 free file decrypts. This is intended to let the user know what the decryption routine is like, and to verify that files will be returned upon the ransom being paid.
Once the ransom has bee paid, the user will have access to download the decryption tool from the portal.
The specific variant will be caught by Webroot, in real time, before any encryption is able to take place. Measures are always being taken to find more, but in the case of new zero day variants, it is important to understand that with encryption ransomware, the most dependable protection is a good backup solution, using either the cloud or external storage.
It is also critical to keep this backup solution up to date so productivity is not lost. Webroot has built in backup features in the consumer product, allowing directories to be constantly synced to the cloud. Should a zero-day variant infection occur, the user can simply restore any files using a snapshot history.
Find out more about the latest variants of malware. Call PC Help Services at (317) 585-0500 or email us at email@example.com to learn about our managed IT services. We keep you safe from all types of threats for a flat-rate monthly fee.
My wife called around and the first company to actually answer the phone was PC Help Services, Inc. She scheduled a time for the owner, Jason, to come out to our house; he came out within 48 hours. (In the past, we had taken our computer to a place like Best Buy to get it repaired, but we really don’t like doing that anymore. Even though it costs more for a repairman to come to one’s home, it is worth it for convenience and security.) Jason showed up on time and was very professional. At the advice of the person who scheduled the appt. over the phone, we purchased a new DVD burner from Fry’s ahead of time to save money. When Jason determined that the DVD burner / drive in our computer was indeed inoperable, he began to replace it with the one we had purchased. There was a problem between the computer and the connectors for the new DVD drive. Jason knew of a store from which he could buy a new connector. Within 10 minutes he was back and had spent $5.00 for the connector. He quickly installed the new DVD drive and concluded within 45 minutes, start to finish. Hire PC Help Services, Inc., by all means!”