Petronella Blog Archive

CryptXXX Solved

We recently told you about a new piece of ransomware called CryptXXX from the cybergang behind the Reveton malware. It turns out that security experts have now been able to decrypt files after a CryptXXX infection.

CryptXXX encrypts all files that are being stored locally and on any mounted drives, then asks for $500 in Bitcoins. The difference between this particular ransomware and others is that while it’s holding the user hostage, it’s also stealing data along with whatever bitcoins it can.

CryptXXX uses the Angler Exploit Kit that infects machines with the Bedep Trojan. It also makes tracking down which website is spreading it more difficult by delaying the external storage encryption.

The good news is that if you’ve been infected, decryption for CryptXXX has been added to the RannohDecryptor tool, which should help you restore your files.

To protect yourself from future ransomware, download the free Ransom Protection Checklist or sign up to receive it by mail. If you find that you might be at risk, schedule a free 10-minute Ransomware Safety Review.