New ransomware gets infostealer component
Apr 19, 2016 09:25 GMT · By Catalin Cimpanu
CryptXXX is a new ransomware variant discovered in recent weeks that, besides encrypting the user's data, is also capable of stealing Bitcoin from infected targets, along with passwords and other personal details, security researchers from Proofpoint have found.
The first signs of the CryptXXX ransomware appeared towards the end of March. Security experts say the ransomware is distributed via Web pages that host the Angler exploit kit. This crimeware kit exploits vulnerabilities to push the Bedep click-fraud malware onto users' systems.
Bedep is also known for having "malware downloading" capabilities, so it downloads the CryptXXX ransomware as a second-stage infection, dropping it as a delayed-execution DLL that is set to wait 62 minutes before launching.
[Image: CryptXXX ransom note added as a wallpaper.]