- Jan 24, 2011
- 9,379
Yet another type of ransomware has been detected by malware researchers. Dubbed AlphaCrypt, it appropriates the look of TeslaCrypt, but operates similarly to Cryptowall 3.0.
"While this may look identical to TeslaCrypt it does have some improvements like deleting the VSS to make sure you aren’t saved by your shadow volume," Webroot researchers shared. It also makes sure to execute the process quietly (i.e. that no messages are shown to the victim.
The criminals are asking for the ransom to be paid in Bitcoin, which ensures anonymity and easy laundering of the money via Bitcoin mixers.
"The volatitlity of this variant is quite high since it creates new instances of common windows processes to do the encryption routine to try and be as covert as possible and is extremely similar to how Cryptowall 3.0 operates," the researchers noted.
Read more: http://www.net-security.org/malware_news.php?id=3033
"While this may look identical to TeslaCrypt it does have some improvements like deleting the VSS to make sure you aren’t saved by your shadow volume," Webroot researchers shared. It also makes sure to execute the process quietly (i.e. that no messages are shown to the victim.
The criminals are asking for the ransom to be paid in Bitcoin, which ensures anonymity and easy laundering of the money via Bitcoin mixers.
"The volatitlity of this variant is quite high since it creates new instances of common windows processes to do the encryption routine to try and be as covert as possible and is extremely similar to how Cryptowall 3.0 operates," the researchers noted.
Read more: http://www.net-security.org/malware_news.php?id=3033
