Like its predecessors, the new version is being distributed through drive-by download attacks that exploit vulnerabilities in outdated browser plug-ins or through other malware already installed on computers, researchers from Microsoft said Tuesday in a blog post.
According to Kafeine, depending on the victim's location, the malware might also display the ransom note and instructions in a different language. For example, on his test system he received the CryptoWall instructions in French.
Users should back up their files regularly to a storage device that is then disconnected from the computer and network to prevent the backups from also getting encrypted by a CryptoWall infection. In the absence of backups there is usually no option to recover the files aside from paying cybercriminals for the decryption key.
Sign up for MIS Asia eNewsletters.