Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

CryptoWall US Losses Top $18 Million Says FBI

The infamous CryptoWall ransomware has cost US victims in excess of $18m since April 2014, according to new data from the FBI which claims the malware continues to spread apace.

The Feds said in a public service announcement this week that its Internet Crime Complaint Center (IC3) has been inundated with cases since last year, with a total of 992 individuals and businesses seeking help.

It claimed the ransom from CryptoWall is typically between $200 and $10,000, although costs usually escalate as IT security tools and mitigations need to be installed.

The financial impact also extends to include things like lost productivity, legal fees, additional IT services, and possibly the purchase of credit monitoring services for employees or customers, the FBI said.  

The most recent variant of the prolific ransomware, CryptoWall 3.0, was spotted by researchers at the beginning of the year using anonymity network I2P to communicate with its C&C server – making it even harder for researchers to shut down.

The ransomware already used Tor to host personal links to decryption pages for victims, in a bid to stay hidden, so the latest variant showed the gang behind it is constantly evolving the campaign to stay one step ahead of investigators.

The FBI’s advice is to use AV and firewalls from “reputable companies” and to keep these up-to-date; enable pop-up blockers to avoid accidental clicks on malicious content; always back-up content; and always be suspicious of unsolicited emails and attachments.

Stu Sjouwerman, CEO of security awareness training firm KnowBe4, argued that the $18m figure was likely to be far greater, given that many firms don’t report infections to the FBI, and the fact that downtime is likely to be much higher than estimates.

“CryptoWall 3.0 is the most advanced crypto-ransom malware at the moment,” he added.

“Additional damage is caused when a workstation is infected and has a mapped drive to a shared file server. At that point all the files are encrypted and a whole department is sitting on their hands. The impact to a business can be devastating.”

What’s Hot on Infosecurity Magazine?