In a little over a year, the amount of money cashed in by operators of CryptoWall ransomware from victims in the United States got closer to the $20 / €17.8 million mark, according to the latest report from the FBI’s Internet Crime Complaint Center (IC3).
Starting out as an imitation (in both appearance and behavior) of the infamous CryptoLocker since at least November 2013, the ransomware threat received the name CryptoDefense in mid-March 2014, its authors settling for the CryptoWall moniker in early May 2014.
Financial losses are likely much higher
Between April 2014 and June 2015, IC3 received a total of 992 complaints related to the damaging activity of CryptoWall, victims reporting losses of $18 / €16 million as a result of the file encryption routine executed by the malware for blackmail purposes.
The malware attacks indiscriminately, both regular users and businesses suffering in the same way, with a typical ransom fee between $200 / €180 and $10,000 / €8,900, althoughIC3 says that additional costs are incurred by the victims, especially businesses, “associated with network mitigation, network countermeasures, loss of productivity, legal fees, IT services, and/or the purchase of credit monitoring services for employees or customers.”
The official amount lost to ransomware operators is definitely of concern, but it is very likely that cybercriminals cashed in much more than this, as not everyone hit by CryptoWall reported the infection. Apart from this, the distribution of the malware piece is not limited to the US and other regions are also affected, Australian users being among the top targets.
Simple ways to avoid ransomware-related losses
Relying on up-to-date security software for protection is a good idea, but crooks constantly create new variants that go undetected for a short period and can make a significant number of victims.
Users are recommended not to pay the ransom fee and set up a backup routine for their files, which is, at the moment, the most efficient form of recovering data encrypted by ransomware. Safe copies should be stored in a place isolated from the main workstation so they remain unaffected by malware.
Preventing an infection is not difficult and requires a higher dose of skepticism when facing messages from unknown or suspicious sources. Refraining from clicking on links or attachments in unsolicited emails is the first step in avoiding malware.