You are here

Alert: New type of malware called “Cryptowall”

14th July 2014

The National Fraud Intelligence Bureau has received the first reports from victims of a new type of malware, known as “Cryptowall”. This is similar to older malware which can encrypt all files on infected machines.

Cryptowall is the latest in a line of viruses which, once they are on an infected machine, encrypt all files in a way which is difficult or impossible to remedy. A pop-up screen will inform victims that they can pay a fee (often in Bitcoin) to obtain the encryption key to unlock the machine, but this key is rarely returned.

Therefore, if you become infected - it will mean you lose access to all your files permanently.

Cryptowall poses a significant threat both because of the damage it can cause and because of the range of ways in which users can become infected. These include: 

  • Emails containing attachments which look innocent but which are in fact executable files containing the malware.
  • Emails containing links to websites which, once visited, will automatically download Cryptowall onto the machine. 
  • Links within reputable websites (for instance embedded links to videos or adverts) can cause damage if the user does not have an up-to-date version of the plug-in they are using.

Protect yourself from Cryptowall

Having up-to-date virus protection is of course essential, but it will not always prevent you from becoming infected. Please consider the following prevention tips as well: 

  • Make sure that your internet browser and any plug-ins (e.g. Flash, Java, Silverlight) are up-to-date.
  • Don’t click on links or open attachments from unknown email addresses. Remember that fraudsters can “spoof” an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of any such attachment or link.
  • Beware of links contained within websites – for example adverts or video files on sites which look trustworthy.
  • Back-up your files to a location not directly linked to your machine or network.
  • Close unneeded connections on business networks – this will help to prevent the spread of the virus from infected machines.
To report a fraud and receive a police crime reference number, call Action Fraud on 0300 123 2040 or use our online fraud reporting tool.