CryptoWall attack

Home Forums Other Open Source CryptoWall attack

This topic contains 3 replies, has 4 voices, and was last updated by Avatar omrizarko 3 years, 11 months ago.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
  • Avatar
    babu farooq

    dear all .

    in our network there is a cryptowall attack i believe ..when we try to open the files it locked and asking money to open the lock ..please give me solution to get rid off from this issue…



    That would presumably be CryptoLOCKER?

    a) Pay (but refer to Mr Kipling’s views on Danegeld first)
    b) Disconnect from internet, run many AV scans to remove the infection (keep machines isolated while disinfecting to prevent re-infection) then restore from backup


    We use SonicWALL with their Gateway Anti-Virus and Geo-IP filter as preventative measures. In addition to anti-virus programs, we utilize these two to block the Crypto-Wall and Crypto-Locker viruses from infecting us and by blocking the IP of foreign countries where the command and control servers generally live (we block everything but the US and a handful of “safe” countries), we prevent the virus from establishing a connection to the C&C servers to generate their key without which they can’t begin encryption. We then use software like Malwarebytes to remove the infection. It’s not perfect, but it helps.


    Take all your computers off the network. Remove and resolve the infection on each computer using your antivirus and malware recovery tools.
    Restore all your data from backup.

    I’m assuming you have backups.
    You have backups, right?

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.