Over $18 million lost to Cryptowall just in the US

“Cryptowall is still “the most current and significant ransomware threat targeting US individuals and businesses,” the FBI warned in a public service announcement published on Tuesday.

Initial attacks have been registered in April 2014, and since then up to June 2015, the Internet Crime Complaint Center (IC3) has received 992 CryptoWall-related complaints.

Total monetary loss has reached $18 millions, and that’s just if one takes into consideration the reported compromises. Also, these numbers are only for the US, and criminals pushing Cryptowall are also heavily targeting European and Australian users.

“The financial impact to victims goes beyond the ransom fee itself, which is typically between $200 and $10,000,” the FBI explains. “Many victims incur additional costs associated with network mitigation, network countermeasures, loss of productivity, legal fees, IT services, and/or the purchase of credit monitoring services for employees or customers.”

The announcement acknowledges the various delivery methods of ransomware: infected advertisements, emails or attachments, or visits to a compromised website (the victims get redirected to a site serving exploits and, ultimately, malware). Often the ransomware is delivered in conjunction with additional malware, or is downloaded by downloader malware which has already compromised the victims’ computer.

The Feds urge users to regularly update their AV software and to use firewalls, to enable pop-up blockers, and to avoid clicking on emails or attachments they don’t recognize, and visiting suspicious websites altogether. But, most importantly, they also advise backing their systems regularly.

“If you back up, verify, and maintain offline copies of your personal and application data, ransomware scams will have limited impact on you. If you are targeted, instead of worrying about paying a ransom to get your data back, you can simply have your system wiped clean and then reload your files,” they concluded.”




Share this