Ransomware and Bitcoin make a great combination, but for all the wrong reasons. There was a sudden increase in the number of ransomware attacks earlier this year, and it has continued over the last few months. While these attacks continue even today, most of them go unreported in the media.
Cryptowall is one of the widely used malware strains for launching ransomware attacks. The malware has been so good at doing its job that even the FBI has given up on it. What the people behind it are using it for is a completely different story, though.
Who is behind all these ransomware attacks involving Cryptowall 3.0? It is a question which many security companies and law enforcement agencies have been working hard to figure out. The hard work seems to have paid off as the companies involved in the malware hunt have had a small but crucial breakthrough.
The Cyber Threat Alliance, which consists of cyber security companies such as Intel Security, Palo Alto Networks, Fortinet and Symantec, has come to believe after investigation that all Cryptowall attacks originated from a single source. A report on ransomware attacks shows a common pattern across all ransom demands, which the Cyber Threat Alliance identified while analyzing the bitcoin wallets used to receive bitcoin from victims.
The alliance has reportedly found that several main bitcoin wallets were used repeatedly in multiple attacks and that all ransomware attack waves originated from the same individual, group or entity. These ransomware attacks usually involve Cryptowall-like malware that infects the victim's system. Once the malware is inside, it encrypts all the files and renders them inaccessible. The encrypted files can be accessed only after decryption with the right key. The attackers hold the files for ransom and share the decryption key only when the victim meets their demands.
The cybercriminals behind Cryptowall have so far received millions of dollars in bitcoin from their victims, making it a very successful cybercrime.
Download: Cryptowall Version 3 Threat Report – Cyber Threat Alliance