Monthly Archives: September 2014
Overview In late February 2014, the Dell SecureWorks Counter Threat Unit(TM) (CTU) research team analyzed a family of file-encrypting ransomware being actively distributed on the Internet. Although this ransomware, now known as CryptoWall, became well-known in the first quarter of 2014, it has been distributed since at least early November 2013. CTU researchers consider CryptoWall to be the largest and most destructive ransomware threat on the Internet as of this publication, and they expect this threat to continue growing. Background After the emergence of the infamous CryptoLocker ransomware in September 2013, CTU researchers observed an increasing number of ransomware families that destroyed data in addition to demanding payment from victims. While similar threats have existed for years, this tactic did not become widespread until CryptoLocker's considerable success. Traditionally, ransomware disabled victims' access to their computers through...
The Counter Threat Unit (CTU) at Dell SecureWorks performed an extensive analysis of CryptoWall that involved gathering data from its command-and-control (C&C) servers, tracking its variants and distribution methods and counting payments made by victims so far.
CryptoWall is “the largest and most destructive ransomware threat on the Internet” at the moment and will likely continue to grow, the CTU researchers said Wednesday in a blog post that details their findings.
The threat has been spreading since at least November 2013, but until the first quarter of this year it remained...
CryptoWall ransomware held over 600K computers hostage, encrypted 5 billion files
Page 1 of 212