A new ransomware variant that has been in development since early this year has a real roadmap for victims to explain the situation they find themselves in, where users also clear that the infection is their own fault. The ransomware was discovered by the Dutch security researcher Yonathan Klijnsma , who works at the Delft Fox-IT.
CryptoApp, as is called ransomware encrypts files with 162 different file extensions, like .docx, .avi and .xslx. Remarkably, according Klijnsma that files from QuickBooks accounting software is encrypted. Once active on a computer, the ransomware is looking not only at local disks for files to encrypt, but also relied network drives. As with other ransomware variants must then be paid an amount to decrypt the files.
It is in this case to an amount of 1 bitcoin, what with the current exchange rate 231 euros. On the website of the ransomware is user-maker explained their situation. As the author states that victims have been infected because they have not been paying attention. Also, the computer of the user according to the ransomware maker poorly protected and the files can be recovered only by paying. Thereby paying victims are advised to turn off their virus scanner.
The tool for decrypting the files can namely be considered as malware and removed by the virus. In that case, users will lose all their files, according to the warning. According Klijnsma the ransomware is not widespread and probably still in development. The website of the ransomware-maker, which was hosted on the Tor network, early August is gone. It may be that the author, the project has stopped or a new location sought to continue its operation, with the old website was a test setup, the researcher says.
No comments:
Post a Comment