Cisco’s Talos Security Intelligence and Research Group has analyzed a second version of CryptoWall. It uses strong public-key cryptography to scramble files with certain extensions. The fee demanded from victims ranges from $100 to $500. The only other way to counter it is by restoring files from a backup, although CryptoWall hunts around and tries to encrypt those files as well. Researchers can’t see the IP addresses of the servers that CryptoWall connects to, blocking further investigation of servers used as part of its infrastructure. It then communicates with command-and-control servers using the Tor network.”]
Source: https://www.csoonline.com/article/2867005/cryptowall-ransomware-variant-has-new-defenses.html