In April and May 2016, Kaspersky Lab, which released decryptors for two different variants of the ransom software CryptXXX, is now releasing a new decryptor for files locked with the latest version of the malware. CryptXXX has been infecting thousands of computers around the world since April 2016. CryptXXX turns out to be one of the most dangerous ransom families, spread out most actively.
Since April 2016, Kaspersky Lab has found that CryptXXX has attacked at least 80,000 users from all over the world. More than half of these are in the US, Russia, Germany, Japan, India and Canada. However, these only include users protected by Kaspersky Lab’s threat detection technologies. Unfortunately, the total number of users who have been attacked is much higher. The actual number is unknown, but Kaspersky Lab experts predict that there may be hundreds of thousands of users infected with malware.
“Even if you do not already have a decryption tool for the current versions of malicious software that encrypts your files, do not pay the crimes,” said Anton Ivanov, Kaspersky Lab Security Expert. Record your corrupted files on one side and be patient, because after a while there is a high probability that a decryption tool will emerge. As proof of this, we can consider the example of CryptXXX v.3. Numerous security experts around the world are constantly working to help ransom victims. In the end, the great majority of malware will be resolved, “he says.
No More Ransom
This decryption tool can be downloaded from Kaspersky Lab’s website and Nomoreransom.org.
The non-profit No More Ransom venture has been alleged by the Dutch High Technology Crime Unit of the Netherlands, Europol’s European Cyber Crime Center, Kaspersky Lab and Intel Security, to ensure that victims of ransom get their encrypted data back without having to pay any offense. The global fight against ransom continues rapidly with more than 30 new partners joining the No More Ransom project from both the public and private sectors.
“Our data shows that attacks over the past three years have tripled in business over the past year, indicating that every 2 minutes there is an attack every 40 seconds from an attack,” said Jornt van der Wiel, Security Researcher at Kaspersky Lab Global Research and Analysis Team. The rate of increase for individual users varied from one every 20 seconds to one every 10 seconds. In parallel, many new ransom software appeared. Although many people who pay ransom have never got their files back, they still think that there are not many options other than paying a lot of people. This project offers an alternative to unlocking your files without paying a ransom. “