CryptoWall Is Back – Beware Infected “Help” Files
A new wave of ransomware attacks are using .chm attachments to execute malware that encrypts files on infected machines. The files remain locked until a ransom is paid in bitcoin currency. And all it takes is one careless employee’s click to infect a network. .chm is the file extension used by the Compiled HTML file format, once widely utilized to deliver user manuals in digital format. These help files contain compressed HTML documents, images and JavaScript files, a hyperlinked table of contents, an index, and are fully searchable. Due to their interactive nature, and the fact that CHM files can carry malicious payloads without being detected by antivirus software, .chm files were once among the favored tools of malicious hackers.