CryptoWall 2.0 is the latest variant of the malware type commonly known as ransomware. This type of malware encrypts your files and holds them hostage, requiring you to pay to get them back into a usable state. It is an advanced version of the CryptoWall malware that made its debut earlier this year, and is similar to CryptoLocker, which was making the rounds heavily about a year ago (thankfully somebody has a repair utility for that mess). This version is much more technologically advanced and is built in such a way that it's going to be much harder to find a cure-all.
BleepingComputer has a ton of up-to-date information about CryptoWall, as does Palo Alto Networks' blog post.
We are working with our various security vendors to try to prevent this as much as possible, but there are a few things you can do to help avoid an infection and to be able to recover properly:
- Keep good backups: Short of paying the ransom, there is currently no way to get your files back without restoring from backup. Without good backups, you are not only vulnerable to these types of attacks, but also any number of other issues such as hardware failure, software issues, and more. It happens to the best of us, and you want to be ready when it does.
- Keep your anti-virus protection up-to-date: Many anti-virus programs will take care of themselves, but you should always double-check that updates aren't disabled for some reason.
- Keep browser add-ons up-to-date: This malware has been known to come through unpatched Acrobat Reader installations, and it's always a good idea to keep Acrobat, Java, and Flash fully up-to-date.
- Avoid unknown websites: Some websites are unwittingly distributing the malware through banner ads that take advantage of unpatched browser add-ons. Stay on sites you know, and avoid clicking on random Google links or advertisements.
- Don't open unknown email attachments: If you're not expecting the attachment, don't open it. These typically will come inside of zip files (which we generally block). If it is from someone you know and you have any question at all, call the person who purportedly sent it and ask them. Be especially cautious if the email appears to be a fax, invoice or a request or communication from a government agency.
- Don't open personal email on a company computer: We've seen an infection that came through when somebody opened their personal webmail account on their work computer and opened an infected attachment, causing havoc on their network.
If you are a Weston CompleteCare or Weston Essentials contract client, you can rest assured that we are monitoring your environment and your backups and are also updating your anti-virus software as soon as updates are available. We will alert you and start to work to get things fixed should an infection occur.
If you have any concerns or further questions, please let us know by replying to this email, emailing our service team at
or by calling your local Weston number (in Bend: 541.383.2340 or in Anchorage: 907.375.8324).