logo

 

What is CryptoWall?

CryptoWall (you can also find it as CryptoWall 2.0 and CryptoWall 3.0) is a very dangerous ransomware that was released for generating the money. It is done by encrypting important user's files and then asking to pay a ransom for a code that could decrypt these files. It seems that this virus belongs to the same group of cyber criminals that is responsible for releasing such ransomwares as CryptoDefense, Cryptolocker, BitCrypt, Critroni, Cryptorbit, etc. If you are a Windows user, you should be especially careful because CryptoWall virus is capable of infecting all Windows versions, including including Windows XP, Windows Vista, Windows 7, and Windows 8. Right after it infects the system, it, it encrypts predetermined files and blocks the user so that he/she wouldn't be capable of accessing them. According to PC experts, the RSA 2048 encryption is used for that. In order to restore these files, you will be offered to pay a ransom of $500. In most of the cases, it should be paid in Bitcoins and the payment should be transferred via Tor (anonymous web browser). This money transfer method is usually used by hackers and cyber criminals in order to hide their identity.

If you are seeing a warning message, which is titled 'CryptoWall 2.0' or 'CryptoWall 3.0', then you are dealing with its updated version. CryptoWall 2.0 was updated in the end of 2014. After these updates, it is capable of generating unique payment addresses for each of the victims, it has its own gateways to TOR and was also filled with the secure deletion method that doesn't allow to use recovery tools while trying to decrypt important files. Cryptowall 3.0 was released in January, 2015. It seems that it it capable of encrypting new file names (HTML, PNG, TXT, URL), it has new gateways to TOR and an increased ransom deadline.

Please, do NOT pay a single cent for these cyber criminals who are responsible for creating CryptoWall because there is no guarantee that this will help you to recover your files. It's just a malicious method used for earning illegal money. If you have just discovered that your computer was infected by Cryptowall, you should run a full system scan with SpyHunter ASAP. Please, make sure you use updated version, which will help you to remove all malicious files that belong to this ransomware.
How can CryptoWall infect my computer?

This malicious intruder may enter your computer as a legitimate update for well-known programs (Java, Flash Player, Adobe Reader, etc.) that might be offered to you when visiting unsafe and corrupted websites. However, in most of the cases CryptoWall ransomware travels around bundled with corrupted spam letters. You can download it after opening an infected email attachment that presents itself as a bill of some sort of purchase or similar thing. If CryptoWall infects the system, it leaves DECRYPT_INSTRUCTION.txt, DECRYPT_INSTRUCTION.html, and DECRYPT_INSTRUCTION.url in every single folder that it encrypts. Also, this ransomware starts showing such alert:

Decrypt service
Your files are encrypted.
To get the key to decrypt files you have to pay 500 USD/EUR. If payments is not made before [date] the cost of decrypting files will increase 2 times and will be 1000 USD/EUR Prior to increasing the amount left: [count down timer]
We are present a special software - CryptoWall Decrypter - which is allow to decrypt and return control to all your encrypted files. How to buy CryptoWall decrypter?
1.You should register Bitcoin waller
2. Purchasing Bitcoins - Although it's not yet easy to buy bit coins, it's getting simpler every day.
3. Send 1.22 BTC to Bitcoin address: 1BhLzCZGY6dwQYgX4B6NR5sjDebBPNapvv
4. Enter the Transaction ID and select amount.
5. Please check the payment information and click "PAY".

How to remove CryptoWall virus from my computer?

Unfortunately, if CryptoWall infects your system, it leaves you without an ability to decrypt your corrupted files. For that you need to pay a ransom and get a decryption code. Nevertheless, you can also try a backup or using file recovery tools. If you have been performing backups, you should be capable of restoring your files.

For Cryptowall removal, we recommend using Malwarebytes Anti Malware it is a free download and work well. They also have a paid version which will monitor your computer in the background and protect against any incoming threats.

Finally, we must add that we highly recommend thinking about the prevention of such infections. For that you can use previously mentioned programs. Besides, don't forget to think about the immunity of your files and make backups as frequently as possible. In addition, you can use USB external hard drives, CDs, DVDs, or simply rely on Google Drive, Dropbox, Flickr and other solutions. Anything you can't afford to loss you MUST BACKUP.

 

Please contact me if you thin you may have been infected with this threat.
Jo (757)375-7744


God Bless You

 

Remember 9-11