Cryptowall Malware Attacks Sheriff’s Office And Tries To Blackmail

Written by: Anon.Dos

 

The Dickson County Sheriff’s department was attacked by Trojan malware. The ransomware Trojan encrypted all the case files in the system. The creator of the program demanded $500 in Bitcoins in order to restore the seventy-two thousand files.

Jeff McCliss, a detective working on the case, said that the malware, CryptoWall, does not harm the files but keeps them locked until the demanded amount has been paid. After a meeting with the Federal Bureau of Investigation and the Tennessee Bureau of Investigation, the agencies decided to pay the programmer. Investigators say that the malware possibly came from an advert and that someone must have clicked on the ad in order to download and activate it.

According to the security website Symantec, CryptoWall encrypts files and creates a large number of registry entries in the system. This happens every time the computer restarts. It also gives the encrypted files a particular extension and leaves instructions on how to obtain the decryption key software.

Once the files are encrypted, a text is displayed in an HTML note telling the target to obtain a key in order to decrypt them. There is a time limit for this; otherwise the key is lost and the files stay encrypted forever.

The message contains a link to the website for the payment. Most of these sites are on the anonymous TOR Network. If the link is on the TOR Network, the message asks the user to download the TOR Browser Bundle in order to gain access to it.

[Image: global CryptoWall infection distribution]

____________________________________________________________________________________________________

Sources:

http://www.techworm.net/2014/11/sheriff-falls-prey-ransom-ware.html

http://www.symantec.com/security_response/writeup.jsp?docid=2014-061923-2824-99

 

 

 

5 COMMENTS

  1. So nobody thought to back up any of those 72,000 case files? But they did think it was a good idea to pay the extortionist, thus promoting the activity. And they had to call in the FBI to show them how to use TOR to pay the ransom. You funny, Dickson County.
