Cryptowall 3.0 information and analysis

So be sure to tell your end users again to practice safe computing: don’t click on email links or simply open attachments, and be careful what you surf to in shady corners of the Internet.

It appears that there is still some CryptoWall floating around, in the form of this “3.0” ransomware trojan variant that has been detected.

The folks over at SANS Internet Storm Center have a nice analysis on the traffic.

Analysis and write up here

They also mention malwr.com, which is a nice free analysis service where you can submit or get your hands on the code in question to test or analyze yourself (be careful). Additionally you can upload also….

Lastly, one of the screenshots mentions a nice tool called Security Onion, which is a Linux distro that will give you some advanced tools (like security monitoring, intrusion detection, etc.). If your enterprise is not doing this sort of proactive monitoring of your systems, then it's something you need to consider.