Kaspersky Lab is pleased to announce the results of 22 tests carried out by independent research companies in Q4 2014. The experts tested Kaspersky Lab’s security solutions and those of other vendors: they analyzed how effectively popular security products detect new, unknown malware including mobile malware, protect against phishing and financial threats, and how they affect device performance.
After releasing decryption tools for two variants of CryptXXX ransomware in April and May 2016, Kaspersky Lab is releasing a new decryptor for files that have been locked with the latest version of the malware. This malicious program was capable of infecting thousands of PCs around the world since April 2016, and it was impossible to fully decrypt the files affected by it. But not anymore.
The free RannohDecryptor tool by Kaspersky Lab can decrypt most files with .crypt, .cryp1 and .crypz extensions.
CryptXXX is one of the most actively distributed and dangerous families of ransomware: for a long time criminals used the Angler and Neutrino exploit kits to infect victims with this malware. These two kits were considered among the most effective in terms of successfully infecting targets.
Since April 2016, Kaspersky Lab products have registered attacks by CryptXXX against at least 80,000 users around the world. More than half of them located in only six countries: the US, Russia, Germany, Japan, India and Canada.
But these are only users that were protected by Kaspersky Lab’s detection technologies. Unfortunately the total number of attacked users is much higher. The actual figure is not known, but Kaspersky Lab experts estimate that there may be several hundred thousand infected users.
“Our regular advice to the victims of different ransomware families is the following: even if there is currently no decryption tool available for the version of malware that encrypted your files, please don’t pay the ransom to criminals. Save the corrupt files and be patient – the probability of a decryption tool emerging in the near future is high. We consider the case of CryptXXX v.3 as proof of this advice. Multiple security specialists around the world are continuously working hard to be able to help victims of ransomware. Sooner or later the solution to the vast majority of ransomware will be found,” - said Anton Ivanov, security expert at Kaspersky Lab.
Learn more about ransomware on Securelist.com
The decryption tool can be downloaded from Kaspersky Lab’s website and from Nomoreransom.org – the website of the not-for-profit initiative launched this year by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and two cyber security companies, Kaspersky Lab and Intel Security, with the goal of helping victims of ransomware to retrieve their encrypted data without having to pay the criminals.
Articles related to Virus News
According to Kaspersky Lab the number of untrusted certificates used to sign malicious software doubled in the last year. By the end of 2014 the company’s antivirus database included more than 6,000 of these certificates. Considering the growing amount of threats related to signing malicious files our experts advise system administrators and users not to trust digital signatures without question and not to allow signed files to launch purely on the strength of the signature
According to the results of a study conducted by Kaspersky Lab and B2B International, a DDoS attack on a company’s online resources might cause considerable losses – with average figures ranging from $52,000 to $444,000 depending on the size of the company.