Beware of New Ransomware Virus: Critroni

A while ago, we helped spread the word about the Cryptolocker virus and ways to protect what is important to your organization. The Department of Justice seized Cryptolocker’s main botnet and servers in early June, but cybercriminals have since spread a more powerful ransomware virus called Critroni (or Cryptowall), which is assumed to have been built to correct Cryptolocker’s faults.

Critroni uses rotating algorithms, which makes it faster and more secure and makes decrypting the affected files impossible without paying the ransom (if there are no implementation flaws). Critroni is more dangerous than Cryptolocker because it completely encrypts your system locally before uploading to its servers. It also uses the Tor network as its backend, making it nearly impossible to trace.

Right now, Critroni is mainly targeting Russian-speaking users; however, there have been variants that display the ransom message in English. This means that the threat is spreading and being distributed more widely.

At this moment, our clients are protected by our professional-class VitalBackup recovery and disaster recovery plan. Our vendors also have additional upgrades to firewall, anti-virus and anti-malware technology underway, and we are keeping an eye on them.

