Important News: CryptoWall Ransomware Virus is back after been absent.
Issue: CryptoWall 3.0 has been identified as a Ransomware virus known to encrypt client system files, including those in the PPART application folder affecting program functionality, which may jeopardize system stability and potentially patient data. CryptoWall also deletes the original file using secure deletion to prevent the files from being restored with file recovery software and attempts to delete Windows Shadow Volume backups to prevent files from being restored.
Attackers have started distributing a new and improved version of the CryptoWall file-encrypting ransomware program over the past few days, security researchers warn.
The new version, dubbed CryptoWall 3.0, uses localization and passes traffic to a site where users can pay for their decryption keys through two anonymity networks.
According to some experts, depending on the victim’s location, the malware might also display the ransom note and instructions in a different language.
Users should back up their files regularly to a storage device that is then disconnected from the computer and network to prevent the backups from also getting encrypted by a CryptoWall infection. In the absence of backups, there is usually no option to recover the files aside from paying cyber criminals for the decryption key.