FBI Warns that CryptoWall Ransomware Has Cost Victims $18 Million

The FBI’s Internet Crime Complaint Center (IC3) issued a warning on Tuesday that the CryptoWall scam is the most common cyber threat seen in the U.S. today, a finding based on the number of complaints made to the IC3, according to a report in CBS News. The Internet Crime Complaint Center also reported that:

  • It received 992 complaints about CryptoWall since April 2014, with losses caused by the malware estimated at up to $18 million.
  • Scammers using CryptoWall have targeted both businesses and individuals with ransom demands starting from $200 and going up to $10,000.

The FBI also noted that victims spend additional money after being attacked, on top of the financial losses already incurred in the attack itself. Businesses absorb expenses for subsequent legal fees, tech help and network support, among other fees.


CryptoWall is prominent among a group of ransomware families that break into victims’ computers and encrypt their files, making them inaccessible. A ransom is then demanded in exchange for the key that decrypts the files. The scam usually begins when an unsuspecting user clicks on a phishing email, which redirects the user to a fake site that hosts an exploit kit.

While few infections rely on exploiting vulnerabilities in software on the victims’ machines, malware is still routinely delivered through malicious links, usually sent via email, which then download the malware onto the victim’s computer. When the ransom is paid, users typically regain access to their devices soon after.

In existence for nearly 16 months now, the CryptoWall malware has steadily gone through a number of iterations and versions, each with subtle changes. A key change was recently implemented when the cybercriminals behind the malware began using Tor to hide the infection’s command and control infrastructure, better concealing it from law enforcement operations and agencies.

The defense against CryptoWall

The FBI and other law enforcement agencies are making notable strides in dismantling ransomware operations. A multi-nation operation involving authorities from several countries recently took down the GameOver Zeus (GOZ) operation, a Trojan used to distribute CryptoLocker, another ransomware. This was achieved by a joint task force set up between the FBI and Europol, which took down the GOZ botnet in June 2014.

To protect yourself from CryptoWall, here are some helpful tips from the FBI’s IC3:

  • Regularly update your firewall and anti-virus software.
  • Always use pop-up blockers while browsing.
  • Don’t click on email attachments from unrecognized sources.
  • At any sign of an infection, quickly disconnect your computer from the internet.
  • If you have been contacted by ransomware hackers, report it to the FBI.