CryptXXX was first found by Proofpoint researchers in April. The researchers found that this ransomware is closely associated to the Reveton ransomware operation and Angler/Bedep. The ransomware programs unusually encrypt files and then demand a ransom which the user has to pay via Bitcoin. However, the demands vary depending upon various ransomwares. Some ransomwares even demand Apple iTunes Gift cards, but Kaspersky’s free decryption tool allows you to recover files without paying a penny. RannohDecryptor from Kaspersky clears systems of both Rannoh and CryptXXX malware if there is at least one original file which has not been affected by a ransomware. CryptXXX uses RSA4096, John Snow from Kaspersky says that “very curious and greedy: not only does it encrypt the files, but it also steals bitcoins kept on victims’ hard drives and copies other data, which can be useful for cybercriminals”. Kaspersky mentioned some steps to get rid of the ransomware : “It’s better not to tempt fate and prevent CryptXXX from infecting your PC beforehand,” Snow says. “Our decryption tool works today, but criminals can soon release a new version of the same ransomware that would be smarter. Very often culprits change malware code in such a way that it becomes impossible to decrypt infected files.” In order to protect yourself from malware attacks, download a reputed antivirus software and a scanner in order to check for malicious files, downloads, processes in your system.
