Friday, 16 January 2015

Cryptowall 3.0 - "Microsoft Sees Hundreds Of New Infections By CryptoWall"

After two months of silence, there is a new version of the CryptoWall-ransomware appeared that managed to infect one day 288 Windows computers, says Microsoft. CryptoWall 3.0 spreads the same way as previous versions, namely via drive-by downloads and installation by malware already present on computers. Once active encrypts CryptoWall kinds of files and then asks for an amount of 500 euros in bitcoin. Victims receive 167 hours to pay, and the price is increased. In previous versions it was then a sum of 1,000 euros.

Cryptowall Decrypt Service.

Communicated the older versions of CryptoWall still using the Tor network, CryptoWall 3.0 uses I2P, which stands for Invisible Internet Project (I2P), says researcher JuK of the blog Malware Do not Need Coffee . I2P is a network layer allowing application messages safely and pseudo-anonymous can exchange. 

Cryptowall 3.0 communications with C&C

The earlier versions of CryptoWall would be more than 830,000 computers have been infected, making it the most "successful" ransomware until now.

VirusTotal Report Zip File: c77a463c5f6481efee38bba2bc8bf085

VirusTotal Report: 6c3e6143ab699d6b78551d417c0a1a45

VirusTotal Report: 47363b94cee907e2b8926c1be61150c7

No comments:

Post a Comment