Well another version of CryptoWall has reared it’s ugly head and we do mean ugly. The only way around this is restoring a backup or paying the ransom. Please do not pay the ransom, this only encourages this kind of activity.
NOTE: No NON BUSINESS browsing, please communicate this to your staff.
Our new tech Daniel Grimm updated this post with the help of the awesome people over at Bleepingcomputer.com
As many of you know, there has been a virus known as “Crypto-Ransomware or CryptoWall” that has been spreading throughout people’s computers over the past several months. It has come to our attention there is a newer version of the virus out. We are trying to spread awareness in reference to this, and have a list of preventative strategies and methods you can use to protect yourselves and help mitigate the risk of these types of Malware.
1. Backup your computer every night! Also create an offsite backup. We like Crashplan Pro by Code42, or Mozy Pro.
2. Make sure you have an anti-virus program installed and updated
3. Become educated on what you should and should not do on the Internet.
4. Use Software Restriction Policies or CryptoPrevent to make it so the malware files cannot launch
NOTE: As of this writing, only Maximum settings which is in Beta will possibly prevent the infection from spreading. Please keep this in mind before installing.
Here is a link to the latest version of CryptoPrevent: http://download.foolishit.com/CryptoPreventSetup.exe
Follow the wizard. Once completed, it will ask you to launch the program, which you want to do. It will ask you 2 questions, both of which you should say “No” to. This is what the program should look like once it is opened. The proper setting should be set to “Default”, and once that is done then you will need to click the Apply button. It will ask you a question about whitelists, which you need to click “Yes” to. The computer will need to be restarted for it to fully take effect. Upon the restart, it will show you a message saying it was successful!
To read more information about CryptoWall: