A new and active campaign for the CryptON Ransomware is currently underway where attackers are hacking into computers with Internet accessible Remote Desktop Services. Once the attackers gain access to the computer they manually execute the ransomware and encrypt your files.
This new campaign was first discovered by Malwarebytes security researcher
S!Ri who posted about it on Twitter.
....
.....
It is not possible to decrypt the CryptON Ransomware Variant
Unfortunately, at this time there is no way to decrypt files encrypted by the CryptON Ransomware variant for free. Emsisoft does have a decryptor for older variants, but it does not work with the current version and it is unknown if a solution will be found.
The only way to recover encrypted files is via a backup, or if you are incredibly lucky, through Shadow Volume Copies. Though CryptON does attempt to remove Shadow Volume Copies, in rare cases ransomware infections fail to do so for whatever reason. Due to this, if you do not have a viable backup, I always suggest people try as a last resort to
restore encrypted files from Shadow Volume Copies as well.
For those who wish to discuss this ransomware or need support, you can use our dedicated
CryptON Ransomware Support & Help Topic.