US$18 million ransomed

SANTA CLARA, Calif., SUNNYVALE, Calif., and MOUNTAIN VIEW, Calif. September 26, 2016 – Fortinet (NASDAQ: FTNT), Intel Security (NASDAQ: INTC), Palo Alto Networks (NYSE: PANW) and Symantec Corp. (NASDAQ: SYMC), co-founders of the Cyber Threat Alliance, today announced the updated publication of research analyzing the prevalence and global impact of the lucrative CryptoWall family of ransomware.
On Oct 29, 2015 the Cyber Threat Alliance established a huge milestone by unveiling for the first time deep insight into the growing criminal threat of one of the most lucrative ransomware families in the world, CryptoWall version 3. This research and subsequent report resulted in actionable protection against this attack being deployed across each of the Alliance members’ security technologies, the unprecedented sharing of its collective intelligence with the public community through the CryptoWall version 3 Threat Report, as well as the sharing of IOCs (Indicators of Compromise) via GitHub.
However, not long after the impact of CryptoWall version 3 began to diminish, due in part to its public exposure by the Cyber Threat Alliance, CryptoWall authors released a fourth variant of CryptoWall just a few months later. This new variant attempted to evade current detection methods by modifying its predecessor’s malicious attributes. The Alliance and its members stayed true to their mission, however, and continued to track and analyze this new variant. The new CryptoWall version 4 Threat Report just announced by the Cyber Threat Alliance represents another milestone in cooperative efforts between security industry leaders by continuing to expose this new, highly dangerous variant to public scrutiny. This report allows organizations and security professionals alike to better understand the prevalence of CryptoWall version 4, and nature of its malware, and its growing global impact as compared to CryptoWall version 3.
Key highlights:

  • US$18 million ransomed so far
  • 7,194,840 attempted infections
  • 36,118 confirmed victims
  • 15 campaign code identifiers

Download at-a-glance Infographic.
To download a copy of the report or learn more about the Cyber Threat Alliance, visit:
About the Cyber Threat Alliance (CTA)
Co-founded by Fortinet (NASDAQ: FTNT), Intel Security (formerly McAfee), Palo Alto Networks (NYSE: PANW) and Symantec (NASDAQ: SYMC), the Cyber Threat Alliance (CTA) is the industry’s first group of cybersecurity solution providers who have come together in the interest of their collective customers to share threat information. The end goal for the information sharing is to raise the situational awareness about advanced cyberthreats and enable members and organizations worldwide to use the latest threat intelligence information to improve defenses against advanced cyber adversaries. For more information about the CTA, please visit:

Back to News