Cryptowall Malware Appearing More Frequently

June 10, 2014

MUNCIE, Ind. - Be aware that malware called Cryptowall is showing up with increasing frequency. Cryptowall, an updated version of an older type of malware, will encrypt the hard drive on the PC (or tablet or phone or server) you are working on and will demand a ransom payment via Bitcoin (non-traceable) to decrypt it. If your device is compromised, the only way to fix it is to completely wipe the hard drive and start over. Any data not backed up will be lost.

Cisco is reporting a large amount of activity regarding Cryptowall, and First Merchants is aware of an Indiana group that had a server compromised. Paying the ransom does not guarantee the hard drive will actually be decrypted, just that the criminal received money.

You can be compromised by Cryptowall by:

  • Clicking on phishing emails
  • Clicking on advertisements on websites. Malicious advertisements have been found on large, reputable sites, not just questionable websites.

To avoid becoming a victim:

  • Don’t click on the links or attachments of unexpected emails. Instead, just delete them, no matter who it says the sender is.
  • Don’t click on advertisements on websites, no matter how tempting they are.