The Cryptowall ransomware has enjoyed significant success in the emerging malware-as-a-service (MaaS) market, going through four revisions to up its encryption game and make it even harder for companies to recover user data. According to BetaNews, however, Cryptowall 4.0 is also getting a signal boost as part of the popular Angler exploit kit (EK).

Cryptowall 4.0 Follows the Money

As noted by SecurityWeek, the new Cryptowall comes with a number of improvements over old versions. It tricks users by masquerading as an antivirus solution checker when in fact it’s busy encrypting personal data. What’s more, version 4.0 encrypts file names along with the files themselves, making it impossible for users to target specific, high-value information as their first decrypt targets.

Prices are also going up. Cryptowall now wants $500 in bitcoin, and the ransom doubles in three days, making it difficult for typical users to effectively pay off the bad guys even if they were so inclined.

But the biggest worry? Cryptowall’s Angler addition. While the Nuclear EK team added 4.0 back in November 2015, security firm Bitdefender recently announced that Angler also opted in — which is especially problematic since Angler comes with obfuscation capabilities, antivirus detection, encrypted payloads and fileless infection.

With the kit compromising upward of 500,000 machines every month and the MaaS market quickly trending toward a corporate model that follows typical profit and competition rules, the addition makes good business sense: Cryptowall 4.0 is a value-added feature that nets Angler more downloads and a bigger piece of the MaaS market pie.

Coming Soon?

While ransomware is on the way up for 2016, it’s tempting to think of the problem as largely a user issue — enterprises have more to fear from data breaches than information encryption, right? According to a recent IT Web article, this may be a false sense of security. CEO of security firm ESET Carey van Vlaanderen noted that ransomware is quickly becoming an area of concern for IT professionals and CISOs.

Already, several European banks have been targeted by ransomware scams. While they’ve been largely unsuccessful owing to banks’ better-than-average IT security, it’s only a matter of time: Stolen sensitive information is one thing, but what if enterprises couldn’t conduct day-to-day operations because critical files were encrypted and then further obfuscated or hidden? It’s a safe bet C-suites would give serious consideration to a ransom payment.

Bottom line? The Angler inclusion of Cryptowall 4.0 shows savvy business acumen. Companies need to prepare for a world where enterprise-level MaaS targets big, small and everything in between.

More from

Increasingly Sophisticated Cyberattacks Target Healthcare

4 min read - It’s rare to see 100% agreement on a survey. But Porter Research found consensus from business leaders across the provider, payer and pharmaceutical/life sciences industries. Every single person agreed that “growing hacker sophistication” is the primary driver behind the increase in ransomware attacks. In response to the findings, the American Hospital Association told Porter Research, “Not only are cyber criminals more organized than they were in the past, but they are often more skilled and sophisticated.” Although not unanimous, the…

4 min read

Ransomware Renaissance 2023: The Definitive Guide to Stay Safer

2 min read - Ransomware is experiencing a renaissance in 2023, with some cybersecurity firms reporting over 400 attacks in the month of March alone. And it shouldn’t be a surprise: the 2023 X-Force Threat Intelligence Index found backdoor deployments — malware providing remote access — as the top attacker action in 2022, and aptly predicted 2022’s backdoor failures would become 2023’s ransomware crisis. Compounding the problem is the industrialization of the cybercrime ecosystem, enabling adversaries to complete more attacks, faster. Over the last…

2 min read

Machine Learning Applications in the Cybersecurity Space

3 min read - Machine learning is one of the hottest areas in data science. This subset of artificial intelligence allows a system to learn from data and make accurate predictions, identify anomalies or make recommendations using different techniques. Machine learning techniques extract information from vast amounts of data and transform it into valuable business knowledge. While most industries use these techniques, they are especially prominent in the finance, marketing, healthcare, retail and cybersecurity sectors. Machine learning can also address new cyber threats. There…

3 min read

HHS Releases Hospital Cyber Resiliency Landscape Analysis

4 min read - On April 17, 2023, The U.S. Department of Health and Human Services (HHS) 405(d) Program announced the release of its Hospital Cyber Resiliency Initiative Landscape Analysis. This landmark analysis reports on domestic hospitals’ current state of cybersecurity preparedness. The scope of the HHS study was limited to activities that protect access to patient care and safety and reduce the negative impact of cyber threats on clinical operations. Breaches of sensitive data were considered only if the breach had a direct…

4 min read