Connect with us

Hi, what are you looking for?

HEADLINES

Kaspersky Lab finds way to unlock files encrypted with CryptXXX ransomware

After releasing decryption tools for two variants of CryptXXX ransomware in April and May 2016, Kaspersky Lab is releasing a new decryptor for files that have been locked with the latest version of the malware. This program was capable of infecting thousands of PCs around the world since April 2016, and it was impossible to fully decrypt the files affected by it.

After releasing decryption tools for two variants of CryptXXX ransomware in April and May 2016, Kaspersky Lab is releasing a new decryptor for files that have been locked with the latest version of the malware. This program was capable of infecting thousands of PCs around the world since April 2016, and it was impossible to fully decrypt the files affected by it.

The free RannohDecryptor tool by Kaspersky Lab can decrypt most files with .crypt, .cryp1 and .crypz extensions. CryptXXX is one of the most actively distributed and dangerous families of ransomware: for a long time criminals used the Angler and Neutrino exploit kits to infect victims with this malware. These two kits were considered among the most effective in terms of successfully infecting targets.

Since April 2016, Kaspersky Lab products have registered attacks by CryptXXX against at least 80,000 users around the world. More than half of them located in only six countries: the US, Russia, Germany, Japan, India and Canada. But these are only users that were protected by Kaspersky Lab’s detection technologies. Unfortunately the total number of attacked users is much higher. The actual figure is not known, but Kaspersky Lab experts estimate that there may be several hundred thousand infected users.

“Our regular advice to the victims of different ransomware families is the following: even if there is currently no decryption tool available for the version of malware that encrypted your files, please don’t pay the ransom to criminals. Save the corrupt files and be patient – the probability of a decryption tool emerging in the near future is high. We consider the case of CryptXXX v.3 as proof of this advice. Multiple security specialists around the world are continuously working hard to be able to help victims of ransomware. Sooner or later the solution to the vast majority of ransomware will be found,” said Anton Ivanov, security expert at Kaspersky Lab.

Advertisement. Scroll to continue reading.

The decryption tool can be downloaded from Kaspersky Lab’s website and from Nomoreransom.org – the website of the not-for-profit initiative launched this year by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and two cyber security companies, Kaspersky Lab and Intel Security, with the goal of helping victims of ransomware to retrieve their encrypted data without having to pay the criminals.

The other advice is to think proactively and protect oneself in advance. It’s much more convenient not to get files corrupted in the first place. To do this, follow these two simple steps:

  1. Back up your data regularly on a detachable media that is not kept connected to your computer all the time.
  2. Install a good security solution. By the way, recent independent studies showed that Kaspersky Internet Security is extremely good against ransomware.

Learn more about the CryptXXX ransomware family on Securelist.com or www.kaspersky.com.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

White Papers

When compared to 2023, Sophos saw a 51% increase in abusing “Living off the Land” binaries or LOLbins; since 2021, it’s increased by 83%.

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

To stay ahead of these challenges, organizations need to invest in AI-driven defenses, transition to quantum-safe encryption, and adopt a Zero Trust approach to...

HEADLINES

There was a 121% Year-on-Year (YoY) increase in identity fraud in 2024 across the region, with significant surges recorded in Singapore (207%), Thailand (206%)...

White Papers

The survey found that CXO’s feel less prepared than their global peers. Less than half or 48% in APAC said they felt completely prepared...

HEADLINES

On average, a single organization in the Philippines experiences 4,003 attacks per week, significantly higher than the APAC average of 2,870 attacks per week.

White Papers

Exploiting this vulnerability, cybercriminals craft deceptively authentic phishing emails that align with current trends, exploiting human emotions to invoke urgency and trick recipients into...

HEADLINES

As the year 2024 draws to a close, cybersecurity solutions provider Fortinet unveiled predictions that expect hackers will leverage as well as trends that...

Advertisement