CryptXXX Is Now Undecryptable, Prevents Users from Accessing Their PC



Crooks fix their issue, harden ransomware against decryption

 
 
May 10, 2016 09:17 GMT  ·  By Catalin Cimpanu

CryptXXX, one of the most recent ransomware families discovered, has seen a major update, and besides circumventing a free decryption tool released by Kaspersky, the ransomware now also prevents users from accessing their files altogether.
 
CryptXXX was first spotted in mid-April and was detected by security firm Proofpoint. The ransomware worked just like any other crypto-ransomware on the market today, meaning it would infect targets via malvertising, encrypt their files, and ask for a ransom.
 
Users had full access to their computers, except to the encrypted files. They could still use the "same computer" to go online, buy Bitcoin, and pay the ransom.
 Full Article

4 replies

Userlevel 7
Well, that is a shame but as I have always said the way to beat ransomware is to prevent it in the first place rather than trying to decrypt it.
 
Advertising the fact that such a piece of crapware is decryptable without paying the ransom is as 'a red rag to a bull' and the result was never in doubt...that the miscreants would patch the 'hole'. :(
Userlevel 7
Good point, Baldrick. The key words are "preventive measures"; use these on a daily basis and you're preventing trouble for sure.
Userlevel 7
Here they are again showing the red rag to the bull, they have now developed another decryption tool to fix this version.
I don't expect it will be long before a new version is brought out.
 
May 16, 2016  By Pierluigi Paganini
 

Security Experts at Kaspersky have updated their decryption tool to adapt to the second version of CryptXXX ransomware in the RannohDecryptor 1.9.1.0.

 
A couple of hours ago I published an interesting post that summarizes the ransomware activities in the last week, and unfortunately, this kind of malware is becoming even more popular in the criminal underground.
 
A few weeks ago a new threat appeared in the wild; it is the CryptXXX ransomware that was first spotted by the experts from Proofpoint in April. Researchers at Proofpoint discovered a number of compromised websites hosting the Angler exploit kit that were abused by crooks to serve the CryptXXX ransomware and infect Windows machines.
 
The CryptXXX ransomware has the ability to encrypt local files and any other document present on every connected data storage a short time after the PC has been infected. The threat also steals Bitcoins from the victim’s machines.
 
Full Article
Userlevel 7
I think that you are correct there, Jasper...but that this goes to illustrate very well the continual battle between the Good & Dark sides of the Force. ;)
