DynA-Crypt Ransomware

The DynA-Crypt Ransomware refers to ransomware Trojans that are created using a ransomware creation key that is known as the 'Dynamite Malware Creation Kit.' The DynA-Crypt Ransomware encrypts the victims' files using the AES encryption and identifies the files that have been encrypted with the file extension '.crypt.' After encrypting the victim's files, the DynA-Crypt Ransomware displays a pop-up window that demands a ransom payment from the victim. During the attack, the DynA-Crypt Ransomware can disable numerous Windows features and software, such as the Windows Task Manager or the Windows Firewall, delete software from the victim's computer, and collect passwords that could be stored in the victim's Web browsers. This sets the DynA-Crypt Ransomware apart from other ransomware Trojans since it brings together several features that are typical of other threats.

The DynA-Crypt Ransomware is Pure Dynamite to Your Files

The DynA-Crypt Ransomware displays a short pop-up message on the victim's computer, simply alerting the victim of the attack and providing a BitCoin address to make the payment. This is different from numerous other ransomware Trojans that use lengthy ransom notes with a lot more details. Currently, the exact amount the DynA-Crypt Ransomware variants demand is unknown, but it will usually average between $500 and $1500 USD, carried out in BitCoins. PC security researchers strongly advise against paying the DynA-Crypt Ransomware ransom, since it is unlikely that con artists will keep their word to restore your files, and paying the DynA-Crypt Ransomware ransom simply allows con artists to continue financing these attacks. Unfortunately for computer users, the files encrypted by the DynA-Crypt Ransomware cannot be recovered without the decryption key, meaning that the best protection against the DynA-Crypt Ransomware is to ensure that there are backups of all files on an external memory device or the cloud.

Ransomware Creation Kits Similar to the One Used by the DynA-Crypt Ransomware

Currently, RaaS (Ransomware as a Service) companies and ransomware creation kits have started to emerge on the Dark Web. These services allow con artists to create ransomware variants that are customized to their specific attacks easily. In the case of RaaS providers, they give the con artists a ready-made ransomware Trojan depending on their specifications and even may provide the tools or services to distribute and track attacks. Ransomware creation kits like the one associated with the DynA-Crypt Ransomware require a bit more technical knowledge but allow con artists to skip many of the steps that are involved in developing a ransomware Trojan. According to this ransomware kit's marketing materials, the following are some of the features it offers to con artists attempting to start a ransomware campaign using the 'Dynamite Malware Creation Kit':

'No Kali Linux needed
Easy to use
No extra costs
Integrated Skype Log Viewer
Integrated Browser History Viewer
Creation of Evil Office Documents
Keylogger (incl. window title)
ScreenSpy (Like watching over the users shoulder)
Microphon Recorder
Steam Account Stealer
TeamSpeak 3 Account Stealer
Minecraft Account Stealer
Account Changer (to import grabbed Accounts)
Browser Password Grabber (Chrome, Firefox, IE, Edge)
Browser History Spy (Chrome, Firefox, IE, Edge)
Skype History Spy
Thunderbird Login Data
AirVPN Login Data
Loot via Email and/or FTP
Customizable CryptoLocker
Application Blocker (IE, Steam, Skype, Chrome, Firefox, Team Speak 3, Origin, Word, Excel, Powerpoint, Pidgin, Opera, Cyber Ghost VPN, iTunes, VLC Player)
Disable Firewall
Disable Command Prompt
Disable Run
Disable Volume Shadow Copy Service
Disable Smartscreen
Disable Security Center
Disable Task Manager
Disable Windows Update
Disable Control Panel
Disable User Access Control
Disable Windows Defender
Disable Windows Account
Destroy Steam
Destroy Skype
Destroy Team Speak 3
Delete All Desktop Icons
System Locker and Freezer (Lock the system or force a bluescreen)
Backdoor Dropper (exe or string from SocialEngineerToolkit or Unicorn)
File Hiding (merge two files into one file)
Hidden Autostart (no reg or autostart folder used)
Small File Size'

As is evident from the above, the DynA-Crypt Ransomware allows con artists to carry out a wide variety of attacks that range from traditional ransomware attacks to tasks more observed in backdoor Trojans. The DynA-Crypt Ransomware seems to have a specific audience in mind, potentially associated with online gaming, since it has features to collect gaming passwords and seems to be designed to interfere with software like Steam and Team Speak, both very important to many online gamers specifically.

SpyHunter Detects & Remove DynA-Crypt Ransomware