Almost 20,000 Australian have been held to ransom after hacker hijacked their files using CryptoWall - a malicious software program.
The CryptoWall ransomware is being used by a hacking crew to encrypt users’ computer files.
Once the files are encrypted with CryptoWall they are locked down and a user is unable to access the files unless a ransom is paid.
Unfortunately, CryptoWall has picked up where the infamous CryptoLocker ransomware left off.
As of August 24, CryptoWall had infected 625,000 victims worldwide, 80,000 more victims than CryptoLocker. The criminal operators behind CryptoWall have collected US$1,101,900 in ransoms and have encrypted 5.25 billion files.
According to Dell, one of the most affected countries is Australia, with CryptoWall infecting almost 20,000 victims.
Most victims were made to pay anywhere from US$200 to US$2,000 in ransom to get their files unlocked.
The ransomware is spreading through various means, including malicious emails disguised as a “rejected tax payment” or a “missed fax”.
The spam is being sent via the most prolific spam botnet on the hacker underground market, Cutwail.
Dell SecureWorks Counter Threat Unit security researcher, Keith Jarvis, said Malware had evolved substantially from the days where it used to take your valuable information before you were aware of it.
“Now, cyber criminals are looking to hold one of your most valuable assets for ransom – your data," he said.
"They’re not looking to sell it on the black market, they just sit back and wait for you to pay up. And people do, they need and want their data back.”
He said the really worrying thing was the fact that criminals were getting much better at encrypting.
Read more: Joshi appointed as SonicWall country manager A/NZ
"The early ransomware used to be a bluff and you could unlock your files using security software," he said.
"Now, unless you have backups of your files, unconnected to your computer or server, there is no way to get your files unlocked without paying.” said Jarvis
Dell A/NZ country manager, Sandeep Joshi, said the way in which the files infected a business was by an end-user clicking on a malicious object in an email attachment.
"IT administrators can reduce the chances of this happening by blocking executable files and compressed archives containing executable files before they reach a user’s inbox,” he said.
“Next-Gen Firewalls will have the capabilities to filter these types of objects coming into the network before it reaches its intended target.”
“In addition, work out what data you need to regularly back up in offline backup media. Backups to locally connected, network-attached, or cloud-based storage are not sufficient because CryptoWall encrypts these files along with those found on the system drive,” said Joshi.
