
CryptoWall 2.0

Hello,

Recently we have had a CryptoWall 2.0 infection hit one of our machines. We were fortunate enough for it to just encrypt the local content, and nothing on the servers.

We have been having a hell of a time trying to locate the file that this infection originated from, to try and prevent a repeat infection.

After spending some time looking for anything (ANYTHING) of interest, we have found nothing. It does appear that CryptoWall 2.0 removes itself once it's finished encrypting everything it can.

Does anyone have any experience or helpful tips with this?

Cheers :)

:54111


  • Hello Coretex,

    I've probably not encountered this one back then in May

    prevent a repeat infection

    Locating an involved file and sending it in as a sample might result in a timely detection upon the next encounter. FWIW you shouldn't reckon that you can prevent a next time with absolute certainty. It's advisable that you (also) assess your data's exposure and review your backups - strategy as well as actual operation.

    Christian

    :54125