CryptoWall Expands to Images
Posted by Third Tier on 24 October 2014 10:50 AM
CryptoWall has expanded into images hosted as advertising on popular sites.
Sites that have had infected advertising in recent months include these very popular locations. The crypto
variants like this one will never be proactively detected by your anti-malware protects easily, because they exclusively use legal means of installation and operation. Meaning that everything they do is allowed by a non-admin user of a computer. There is no suspicious behavior.
Recently we’ve heard that there are now over a hundred variants of Crypto but the thing is that they continue to infect via the same method. Improvements are related to being in more places where they might find you (distribution) and improvements in hiding the trail back to the authors (deception). Which means that you can continue to use our Cryptolocker Prevention Kit to protect your computers.
In addition to the software restriction policies in the kit, we also recommend blocking .RU at the edge of your network (your firewall) and making sure that no one but the account used by your backup software has write access to your backup location. Further you should minimize the number of mapped drives that each individual has access to because in the event of infection anything that the user has access to including network mapped drives could be encrypted by the Crypto variants.
Find our free kit on our blog. Be sure to read everything that we’ve written about Crypto so you know how to use the kit before you deploy it. And check out what we really do at Third Tier, which is help MSP’s be more successful.
Our Crypto Information and Prevention Kit: http://www.thirdtier.net/?s=crypto
Not a Third Tier customer yet? Let me introduce: We’re Third Tier. We provide advanced Third Tier support for IT Professionals and MicroStaffing for IT consulting firms. Come on over, create an account (no charge) and follow our social media locations.