Security Alert: Cryptowall Makes A Comeback Disguised As Help Files

Virus Icon2Spam Servers Deliver Ransomware-Infected Links

Cyber-criminals are now resorting to hiding malware such as Cryptowall, in malicious Help File attachments with .chm designations. CHM files are used in help systems for software applications.

Cryptowall is an advanced variant of the famous Cryptolocker ransomware that is responsible for extorting millions from businesses.

Hackers are now sending infected links in SPAM emails and delivering their malicious payloads as soon as a target opens the CHM file without further interaction from the victim.

Beware of emails claiming to be from a trusted source such as software vendors, offering updated Help File links, etc. As a rule, you should be leery about any email asking you to click on a link for any reason. Hackers often spoof emails to make them look like they’re coming from legitimate sources.

To guard against infections:

  • Make sure your anti-virus and anti-malware programs are up-to-date and run them frequently. XSolutions scans all managed machines for viruses and malware EVERY evening.
  • ​​Install a Backup/Disaster Recovery (BDR) system capable of keeping external, image-based copies of your servers so you can recover quickly should your systems get infected and encrypted. XSolutions offers complete Disaster Recovery Solutions to keep your business going when disaster strikes.
  • Use an Advanced Spam Filter to prevent malicious emails from even reaching you and your employees. XSolutions’ new Advanced Spam Filter service stops 99.9% of SPAM, viruses, worms, and harmful content and attachments from even reaching your network.
  • Make sure your business computer systems are managed by a Managed IT Services provider (MSP) like XSolutions. XSolutions takes a proactive approach to prevent issues and excessive downtime through ongoing monitoring, maintenance, and rapid response to issues.

Have questions or concerns? Give us a call at (845) 362-9675.

 

XSolutions is a Managed Services Provider (MSP) and provides 24/7/365 remote monitoring, scheduled workstation and server maintenance, Help Desk Services, Cloud & Hosted Services, Backup/Disaster Recovery, and Software Development. Call us at (845) 362-9675 and see how we can help your company.