CryptoWall 2.0 Available in the Wild, Has New Obfuscator

  • 3 October 2014

Distributed through email purporting to be from the IRS
By Ionut Ilascu on October 3rd, 2014
 
 
Malware authors have officially updated CryptoWall, as version 2.0 has been spotted in the wild, using the Tor anonymous network to establish a connection with the command and control server.
Although samples of the crypto-malware using Tor have been observed by security researchers a while back, they still had the 1.0 mark. The Tor component was not built into the crypto-malware, but downloaded as an encrypted binary from compromised websites.

Modified version 1.0 of the threat could have been a test build

Recently, a sample was caught that uses the ransom message to explicitly inform the owner of a compromised computer that their data has been locked with CryptoWall 2.0; Tor communication is used in this one, too.



Ransom message refers to CryptoWall 2.0
 

1 reply

Once again Tor is involved with this malicious software. Tor is as much to blame as the cyber criminal.
