The fourth iteration of the world’s worst ransomware Cryptowall has surfaced with gnarlier encryption tactics and better evasion tricks that have fooled current antivirus platforms.

Ransomware has ripped through scores of businesses and end-user machines in sporadic and targeted attacks that have cost victims millions of dollars in ransom payments made to criminals who have illegally encrypted valuable files.

The worst offenders remain at large, including a single group who may be behind Cryptowall 3.0 and have made some US$325 million this year according to the Cyber Threat Alliance, dwarfing FBI June figures which noted it extorted some US$18 million from US victims alone in about a year.

Andra Zaharia of Denmark-based Heimdal Security says Cryptowall 4.0 is employing “vastly improved” communications and better code, so it can exploit more vulnerabilities.

“Cryptowall 4.0 still includes advanced malware dropper mechanisms to avoid antivirus detection, but this new version possesses vastly improved communication capabilities,” Zaharia says.

“It includes a modified protocol that enables it to avoid being detected, even by second generation enterprise firewall solutions.”
ORIGINAL SOURCE: The Register