- Dec 27, 2014
- 3,423
A new ransomware called GetCrypt is being installed through malvertising campaigns that redirect victims to the RIG exploit kit. Once installed, GetCrypt will encrypt all of the files on a computer and then demand a ransom payment to decrypt the files.
This ransomware was discovered by exploit kit researcher nao_sec who alerted BleepingComputer when they saw being installed via the RIG exploit kit in Popcash malvertising campaigns. When a victim is redirected to a page hosting the exploit kit, malicious scripts will try to exploit vulnerabilities found on the computer.
If successful, it will download and install GetCrypt into Windows. You can see an example of the exploit kit infecting a computer from this any.run session.
[...]
GetCrypt Decryptor Released
If you were infected with the GetCrypt Ransomware, it is possible to get your files back for free. All you need is a original unencrypted copy of a file that has been encrypted.
If you have an encrypted/unencrypted file pair, simply download the decrypt_GetCrypt.exe program from the following link and save it on your desktop:
[...]
Full article @ source.
Sample @ https://malwaretips.com/threads/getcrypt-ransomware-21-05-2019.92618/
This ransomware was discovered by exploit kit researcher nao_sec who alerted BleepingComputer when they saw being installed via the RIG exploit kit in Popcash malvertising campaigns. When a victim is redirected to a page hosting the exploit kit, malicious scripts will try to exploit vulnerabilities found on the computer.
If successful, it will download and install GetCrypt into Windows. You can see an example of the exploit kit infecting a computer from this any.run session.
[...]
GetCrypt Decryptor Released
If you were infected with the GetCrypt Ransomware, it is possible to get your files back for free. All you need is a original unencrypted copy of a file that has been encrypted.
If you have an encrypted/unencrypted file pair, simply download the decrypt_GetCrypt.exe program from the following link and save it on your desktop:
[...]
Full article @ source.
Sample @ https://malwaretips.com/threads/getcrypt-ransomware-21-05-2019.92618/