CryptoWall 4.0 users have discovered that Russian users are spared any encryption after the malware is deployed onto their system. This is because the ransomware checks which keyboard is being used and, when Russian is detected as the language, kills itself before encryption.
This news comes as no big surprise to anyone, as it has always been known that the attackers, or at least the spam servers, were Russian and were targeting mainly the US and Europe. However, everyone is equally susceptible to encrypting ransomware.
The encrypting ransomware may appear slightly different, but in reality, it is the same as the rest. It arrives in a phishing email, encrypts your files, and holds them ransom for bitcoin payment. The encryption is done using a GPG tool, an open source encryption tool, which appends the “.vault” file extension.
This variant is based on the “freebie” structure, allowing 4 free file decrypts. This is intended to show the user what the decryption routine is like, and to verify that files will be returned once the ransom is paid.
Once the ransom has been paid, the user will have access to download the decryption tool from the portal.
This specific variant will be caught by Webroot, in real time, before any encryption is able to take place. Measures are always being taken to find more, but in the case of new zero-day variants, it is important to understand that with encryption ransomware, the most dependable protection is a good backup solution, using either the cloud or external storage.
It is also critical to keep this backup solution up to date so productivity is not lost. Webroot has built-in backup features in the consumer product, allowing directories to be constantly synced to the cloud. Should a zero-day variant infection occur, the user can simply restore any files using a snapshot history.
Find out more about the latest variants of malware. Call Alary Clinitech at (416) 291-7377 or email us at email@example.com to learn about our managed IT services. We keep you safe from all types of threats for a flat-rate monthly fee.