Posts tagged CryptoWall

CryptMix, a combination of CryptXXX and CryptoWall, targets Windows OS and is distributed via phishing emails and drive-by downloads. Once installed, it proceeds to encrypt 862 file types and change their extension to .CODE. CryptMix initially demands a ransom payment of 5 Bitcoins but doubles the amount if the ransom is not paid within a set time period.

CryptoWall, a successor to the now-defunct CryptoLocker, targets Windows OS and spreads via spam, drive-by downloads, malvertising campaigns, and exploit kits such as Nuclear and Angler. Once it has been executed on a system, it maintains persistence, escalates privileges, destroys all system restore points, and deletes all Shadow Volume Copies to prevent file restoration before beginning the encryption process. 
