For years we have been recommending leaving AOL and Yahoo behind, initially do to their poor spam control and the abundance of ads they subject you to. We also see many yahoo email accounts being hacked and AOL is not much better. Lets face it if you have an AOL email address your are officially 2000 and late…
The horrifying and yes horrifying is the right word, outcome of this inundation of ads by these providers is the lack of policing of the content, now the worst virus for home and business users alike is spreading like wildfire.
CryptoWall V2.0 now uses poisoned ads on dozens of major sites like Yahoo, AOL and Match.com to infect networks. Malicious ads are nothing new in themselves, but second-gen ransomware using them is worrisome
Reports show that the sites themselves were not compromised; rather, the advertising networks upon which they relied for dynamic content were inadvertently serving malware. This means a so-called drive-by-download where the user does not have to click on anything. Up to now, CryptoWall was spread via spam with infected email attachments and download links sent by the Cutwail botnet.
The website visitors hit by this malvertising are people who run unpatched versions of Adobe Flash. The poisoned ads silently ‘pull in’ malicious exploits from the FlashPack Exploit Kit, hence the “drive-by-downloads”.
According to security researchers at Dell SecureWorks, more than 830,000 victims worldwide have been infected with ransomware, a 25% increase in infections since late August when there were 625,000 victims.
The first ransom usually has a deadline of 4-7 days and demands about $500. Even the bad guys understand it’s not always easy to get your hands on Bitcoins quickly. But when this first deadline is not made, the ransom doubles to roughly $1,000, depending on Bitcoin exchange rates.
Counting the ransom payments to CryptoWall’s Bitcoin addresses, Proofpoint estimates that the attackers make $25,000 per day. Recent data taken directly from the CryptoWall ransom payment server shows since August 2014 an additional 205,000 new victims have been claimed.
@ Computer Doctor we are dealing with the Cryptowall virus every week.
Want to know how well your practice or business is protected from todays’ and tomorrows’ ever evolving threats?
Let us provide your small business with a comprehensive security and threat assessment and get your security holes patched and vulnerable software updated.
Additionally we can install our CryptoInoculator software to help stop this virus before it infects your home or business network and causes irreparable damage to your pictures, documents, spreadsheets etc.