A CryptoWall ransomware campaign is currently impacting New Zealand organisations. CryptoWall is malicious software that encrypts files on an infected computer including any files accessible on network drives. The victim is then required to pay a ransom to have the files decrypted and access restored. Cryptowall is being distributed through email campaigns that entice recipients into opening a malicious attachment, by such methods as claiming the attachment is a bill, a special offer, job application or a delivery notice. The current campaign is using a “Resume” theme with a zip file attachment containing a malicious JavaScript file.

Here is an example of the email message.

ransomware_example

You should:

  • instruct all staff not to open suspicious or unsolicited emails
  • ensure you have complete backups stored offline
  • ensure your anti-virus systems are up to date
  • Consider configuring software white-list policies. See http://support.microsoft.com/kb/310791 and http://technet.microsoft.com/en-us/library/hh994606.aspx

One Thought on “IMPORTANT: CryptoWall ransomware warning”

Leave a Reply

Your email address will not be published. Required fields are marked *