
January 28, 2016

Cryptowall 4.0 Virus: How to Decrypt Your Files

Image courtesy of (Stuart Miles) / FreeDigitalPhotos.net

Over the past few years, an insidious piece of malware has infected computers around the world in a sophisticated manner, managing to stay one step ahead of most anti-virus platforms. Cryptowall has been used mostly against businesses, as well as end-user machines, to block access to stored information until a ransom is paid.

This relatively simple method of extortion is carried out by one of the most complex computer viruses or malware programs developed in recent years. Cryptowall is part of a family colloquially called ransomware, in which the profits come from the ransom paid to the hackers by those whose computers have been affected.

Origin and History

Cryptowall 4.0 is the latest variant of the feared Cryptowall malware, which has spread around the world, attacking various computer systems and preventing access to their information until a ransom is paid. The 3.0 version of the malware has caused at least $325 million in damage in the U.S. alone.

Version 4.0 also alters the file names of the encrypted data, so that it becomes virtually impossible to tell what has been affected. In addition, all system restore points are deleted, which makes this new threat even more dangerous.

It is believed that Russian hackers are behind Cryptowall because the malware does not affect computers that use the Russian language. In addition, the spam servers that distribute Cryptowall have been located within Russia's borders.

So far, the countries affected by the Cryptowall malware include China, France, Germany, India, Italy, Kuwait, the Philippines, South Africa, Spain and the United States.

Infection Techniques

In essence, the program blocks access to the information stored on computers and servers by encrypting it in a manner that makes it very difficult, if not impossible, to remove without the proper encryption key, which only the hackers know. Until the ransom is paid to the hackers, the block stays in place, which may cripple the ability of businesses to do their jobs.

In most cases, the hackers select a particular business or corporation that may offer the promise of a great reward and then infect its computer systems. Cryptowall is quite efficient at sealing up the information that is stored. Because it does not try to destroy the information, but instead encrypts it, it can slip past most anti-virus or anti-malware systems.

Our Tips about Removal Methods

There are very few techniques that work against Cryptowall 4.0, simply because of its sophistication in slipping past most security programs and its ability to encrypt information once inside.

About the only sure prevention method is for companies to continually back up their information and store it in the cloud or on other platforms that remain hidden from the hackers. In this manner, instead of trying to retrieve the information from the affected computers, the computers themselves are wiped clean and then reloaded with the information that was stored in the backup systems. We recommend you use Google Drive. It is a free service from Google that allows you to store your files online and access them anywhere in the world using the cloud. Google Drive allows you to use 15 gigabytes (15GB) of free storage space.
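
One way to decide whether a machine needs the wipe-and-restore step is to compare it against a manifest recorded at backup time. The following is an added example, not code from the original article; the function names and both thresholds are assumptions chosen for illustration.

```python
import hashlib
import math
import os
from collections import Counter


def manifest(root):
    """Map each file's path (relative to root) to the SHA-256 of its contents."""
    out = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            with open(path, "rb") as fh:
                out[os.path.relpath(path, root)] = hashlib.sha256(fh.read()).hexdigest()
    return out


def entropy(data):
    """Shannon entropy in bits per byte; encrypted data sits close to 8.0."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def assess(baseline, root, missing_ratio=0.5, entropy_floor=7.5):
    """Compare a tree against the manifest taken at backup time.

    Flags the pattern described above: known file names vanish and
    unfamiliar, high-entropy files appear in their place.
    Thresholds are illustrative assumptions, not measured values.
    """
    current = manifest(root)
    missing = sorted(set(baseline) - set(current))
    modified = sorted(p for p in baseline if p in current and baseline[p] != current[p])
    suspicious_new = []
    for rel in sorted(set(current) - set(baseline)):
        with open(os.path.join(root, rel), "rb") as fh:
            if entropy(fh.read(65536)) >= entropy_floor:  # sample the first 64 KiB
                suspicious_new.append(rel)
    lost = len(missing) / len(baseline) if baseline else 0.0
    return {
        "missing": missing,
        "modified": modified,
        "suspicious_new": suspicious_new,
        "restore_from_backup": lost >= missing_ratio and bool(suspicious_new),
    }
```

Compressed formats such as ZIP or JPEG also score high on entropy, so the verdict requires both signals: baseline names disappearing and new high-entropy files appearing.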



Article by Marcel Kantorek. You can read about the other possibilities and the new anti-malware techniques that were created to directly combat the new Cryptowall 4.0 at: http://nabzsoftware.com/types-of-threats/cryptowall-4-0
