Sheriff’s Office forced to pay $500 bitcoin RANSOM to unlock encrypted 72,000 case files
Bizarre but true! Daily Mail today reported that the Sheriff’s department of The Dickson County was attacked by a Ransomware trojan ware that encrypts all of the files on the system and can be decrypted only if the ransom has been paid for them to the malware handlers/creators.
Detective Jeff McCliss said that a Ransomware malware on a computer locked the agency’s case files, which included autopsy reports, witness statements and crime scene photos. He stated that the malware, called “CryptoWall,” doesn’t tamper with files on a computer, but keeps them locked until a ransom is paid. After consulting with the Tennessee Bureau of Investigation and the FBI, McCliss said the agency determined that the only way to get their files back was to pay the asking price: the $500 in bitcoins in ransom. Officials think the malware came from an malvertising ad someone in the department clicked on. McCliss added that it did not seem that that the Sheriff’s office was targeted by cyber crooks.
CryptoWall is a malware that encrypts files on the compromised computer. It then asks the user to pay a ransom to have the files decrypted. The initial malicious payload typically arrives on the affected computer through spam emails, exploit kits hosted through malicious ads (as in this case)or compromised sites, or other malware.
Once the malware is executed on the compromised computer, it creates a number of registry entries to store the path of the encrypted files and run every time the computer restarts. It encrypts files with particular extensions on the computer and creates additional files with instructions on how to obtain the decryption key. This threat family attempts to convince the user to pay money in order to get the key to unlock their files. It uses a variety of different techniques in order to encourage the user to pay the ransom.
Viruses infecting computers are as common as ants invading the picnic table, especially if its a unguarded one — sooner or later, it’s just going to happen. The reality surrounding malware is that it’s here to stay. The more that the Internet of Things (IoT) permeates our daily consciousness, granting smart features to everyday items, the greater the influx of malware will be. Such a target-rich environment is precisely what a majority of malware thrives in. The more targets, the greater the chance of a pay off (or destruction) — whatever the motivation behind the malware, more is viewed as better than less.
This is why viruses like CryptoWall (and its predecessor, the now defunct CryptoLocker) are poised to strike consumers and enterprises equally very hard. With the internet as its distribution point, any and all Windows desktops that are not thoroughly protected will likely feel the pain of CryptoWall’s payload through either direct or indirect infection.
Even the law enforcement had to bow before the mighty CyrptoWall!
Here is video of the news being reported on TV