What is Cryptowall?
What type of computer does Cryptowall target?
How is the virus spread?
Where does it come from?
This image represents how the cryptowall virus infection process is standard for a virus.
The infection process is standard for a virus, although once it is hooked on to your computer it then starts to begin a network connection to random servers, it then uploads connection information like the public IP address, location and the system information including OS.
In Cryptowall spam campaigns, the emails usually contain a malicious attachment and include a message attempting to convince the user to download the file. The email could claim that the attachment is an invoice, an undelivered package notice, or an incoming fax report. If the user opens the attachment, then their computer will be infected with Trojan Cryptowall.
How to know when your computer is infected by Cryptowall:
- HTML
- TXT
- INSTALL_TOR
These file names are the signature of Cryptowall.
Another way is attempting to open certain files, such as .doc, .xls or .pdf, for example, the files are launched with the correct program; however, data may be garbled or not properly displayed.
How to protect your business from Cryptowall
- You should have an active antivirus application installed with the latest virus definition files.
- Having a Malware scanner
- A back up system