- Apr 5, 2014
- 6,008
- Content source
- http://bitcoinist.net/cryptxxx-3-0-beats-kaspersky-labs/
RannohDecryptor is the tool Kaspersky Labs has created to let users bypass the Bitcoin ransom after getting infected with CryptXXX. It did not take long for the malware creators to come up with a solution that makes this tool all but useless, and version 3.0 of this ransomware was released a few days ago.
CryptXXX Version 3.0 Is Here
Albeit there is no available tool to combat CryptXXX 3.0 right now, computer users dealing with this infection are advised not to pay the Bitcoin ransom. Given these recent changes to the encryption algorithm, security researchers are concerned that paying the fee will not necessarily result in received a decryption key.
Kaspersky Labs advises users to hold off on acting on the infection itself until security researchers come up with a revised version of RannohDecryptor. However, that may be easier said than done, as it can take anywhere from a few days so several weeks until a solution has been found. Given the fact Kaspersky Labs managed to break the CryptXXX encryption algorithm twice already, there is a good chance they will continue that streak, though.
This new evolution of CryptXXX comes on the heels of TeslaCrypt developers shutting down their ransomware strain and releasing the master decryption key to the public. Some people assumed this was the end for ransomware infections around the world, but it is safe to say this threat seems far from over.
Cerber, which is another strain of Bitcoin ransomware, has undergone some major changes recently as well. Other than infecting a device and ensuring the user can’t access the computer files, the new version of Cerber will make infected devices part of a botnet to execute DDoS attacks. Ransomware keeps evolving into a more severe threat than the previous generation, and CryptXXX seems to be following that lead by example.
CryptXXX Version 3.0 Is Here
Albeit there is no available tool to combat CryptXXX 3.0 right now, computer users dealing with this infection are advised not to pay the Bitcoin ransom. Given these recent changes to the encryption algorithm, security researchers are concerned that paying the fee will not necessarily result in received a decryption key.
Kaspersky Labs advises users to hold off on acting on the infection itself until security researchers come up with a revised version of RannohDecryptor. However, that may be easier said than done, as it can take anywhere from a few days so several weeks until a solution has been found. Given the fact Kaspersky Labs managed to break the CryptXXX encryption algorithm twice already, there is a good chance they will continue that streak, though.
This new evolution of CryptXXX comes on the heels of TeslaCrypt developers shutting down their ransomware strain and releasing the master decryption key to the public. Some people assumed this was the end for ransomware infections around the world, but it is safe to say this threat seems far from over.
Cerber, which is another strain of Bitcoin ransomware, has undergone some major changes recently as well. Other than infecting a device and ensuring the user can’t access the computer files, the new version of Cerber will make infected devices part of a botnet to execute DDoS attacks. Ransomware keeps evolving into a more severe threat than the previous generation, and CryptXXX seems to be following that lead by example.