Security Awareness Training Blog

    Meet CryptoWall, The New Ransomware Leader (with heatmap)

    CryptoWall Ransomware HeatmapMalware comes in waves. CryptoLocker was the first major, vicious ransomware, and set off a bunch of copycats. Recently 16 competing ransomware gangs were identified. After CryptoLocker got dinged by Operation Tovar in June, the new kid on the criminal block is CryptoWall.

    The former CryptoLocker wannabe has netted 625,000 infected systems (80,000 more than CryptoLocker) and more than $1 million in ransom money up to now according to a new report by Dell SecureWorks' Counter Threat Unit (CTU). 

    They stated in a new threat intelligence report they "consider CryptoWall to be the largest and most destructive ransomware threat on the Internet as of this publication, and they expect this threat to continue growing."

    CryptoWall social engineers an end-user, infects an endpoint, and encrypts what it can get access to: hard disks, removable drives, network drives, and even cloud storage services that are mapped to a targeted file system. Attack vectors include exploit kits, drive-by-downloads and infected email attachments.

    CryptoWall has encrypted 5.25 billion files. Victims pay ransoms ranging from $200 to $2,000 apiece, however one victim paid $10,000. Over the course of six months CryptoWall criminals extorted 1,683 victims to pay up and made over $1 Mil in ransom money.

    Compared to CryptoLocker's first 2 months ($27) Mil that's not all that much but they do not provide a lot of payment options compared to CryptoLocker which provided the much easier MoneyPak option. CryptoWall only allows Bitcoin which are hard to come by for people that have no wallet set up. 

    "The threat actors behind this malware have several years of successful cybercrime experience and have demonstrated a diversity of distribution methods," the report said. "As a result, CTU researchers expect this threat will continue to grow."

    Remember that KnowBe4's Kevin Mitnick Security Awareness Training comes with a crypto-ransom guarantee. If an employee who has taken our training and received at least one phishing security test per month clicks on a link and infects their workstation, KnowBe4 pays your crypto-ransom. Find out how affordable this is for your organization now: 

    Get A Quote Now

     

     

    Return To KnowBe4 Security Blog

    Topics: Security Awareness Training, Ransomware

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe To Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews