Your IT Support Experts

We partner with many types of businesses in the area, and strive to eliminate IT issues before they cause expensive downtime, so you can continue to drive your business forward. Our dedicated staff loves seeing our clients succeed. Your success is our success, and as you grow, we grow.

Free Consultation

Interested in seeing what we can do for your business? Contact us to see how we can help you! Sign Up Today

  

USA Computer Services Blog

USA Computer Services has been serving small and medium sized businesses since 2012, providing IT Support such as technical helpdesk support, computer support and consulting.

Warning: Updated Cryptowall Ransomware Strikes Again

b2ap3_thumbnail_ransomware_attack_400.jpgAs a business owner, you want to take every precaution against the latest threats that can affect your way of life. An updated threat called Cryptowall 2.0 (previously known as Cryptolocker) has been cut loose by malware developers, and it's capable of dealing irreparable damage to your business's network and data. This spear-phishing variant has the power to grind your network's files to dust, and in turn, your productivity.

Cryptowall 2.0, similar to its Cryptolocker brother, locks down the files on your network. This makes them inaccessible without a decryption key provided by the malware developers' secret server. Users come into contact with this threat through zipped folders and PDF files sent through emails disguised as invoices, purchase orders, bills, complaints, or other business-related messages. However, the original Cryptowall allowed knowledgeable users to recover their files without paying the ransom.

Not so much anymore. Malware developers knew that these weaknesses in the ransomware were being exploited, and sought to eliminate them. Some changes made in this souped-up version of Cryptowall 2.0 include:

  • Unique wallet IDs to send ransom payments. Before the upgrade, Cryptowall used the same payment address for all of its victims. This flaw allowed users to take the payments of other victims to pay for their own files, turning the innocent victims into cold, hard crooks. While this method isn't favorable, it did work, and users were able to recover their files. With unique payment addresses for each user, this method has been put to a halt.
  • Cryptowall 2.0 deletes the original data files. The earlier version of Cryptowall didn't delete the original files, which allowed users to recover them with data recovery tools. By deleting the original files, Cryptowall 2.0 prevents victims from finding an easy way out. The only way to recover these files is with a backup solution, or paying the ransom.
  • The new Cryptowall uses its own TOR gateways. Malware developers no longer have to remain undetected and anonymous on public TOR gateways, which could be blacklisted and unreachable by the public. Now, these payment servers are on their own TOR gateways, which means that they can't be blacklisted or blocked.

This is not a threat that should be trifled with. It is extremely dangerous and should be treated with the utmost caution. In order to prevent this ransomware from infecting your network, you must follow these steps:

  • Only open files that are from trusted email addresses. Don't open any attachments sent to you by unfamiliar (or even familiar) emails unless you follow up with the sender on whether or not it is legitimate. The power of spear-phishing attacks lies in their ability to sneak past antivirus and firewall solutions by disguising themselves as something else. Only open files that are from trusted senders, and always be on the lookout for warning signs.
  • Avoid suspicious links in emails. Carelessly clicking on links opens up your network to all sorts of unsavory possibilities. It's fair to treat every unfamiliar link with suspicion, because if your systems become infected from clicking on a malicious link, it could spread to your entire network, debilitating your business beyond repair.

If your business gets into hot water with the Cryptowall ransomware, you can count on USA Computer Services to help you get through the predicament. We'll give your business all of the information and tech support it needs to escape the ransomware, and set up provisions to keep your network protected against threats in the future. For more information about what USA Computer Services can do for your business, give us a call at (704) 665-1619.

Tip of the Week: How to Write a Professional Email
3 Paths for the Internet of Things
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Friday, November 15, 2024

Captcha Image

Customer Login

Contact Us

Learn more about what USA Computer Services can do for your business.

Headquarters:
525 North Tryon St. #1600
Charlotte, NC 28202

Additional Location:
859 Willard St #400
Quincy, MA 02169
Additional Location:
60 State Street #700
Boston, MA 02129