CrazyCrypt Ransomware Description
The CrazyCrypt Ransomware is an encryption ransomware Trojan that seems to combine elements of numerous other encryption ransomware Trojans in its attack. The CrazyCrypt Ransomware seems to be based on the Cry128 Ransomware with numerous other additions. The CrazyCrypt Ransomware seems to include a control panel that has been linked to HiddenTear Ransomware variants and displays a ransom demand that seems to be linked to Jigsaw Ransomware variants. The CrazyCrypt Ransomware carries out a typical encryption ransomware attack, taking the victim's files hostage so that, to have their data back to normal, the victims must pay a ransom.
The CrazyCrypt Ransomware will Drive Its Victims Crazy
The CrazyCrypt Ransomware is distributed via corrupted spam email attachments, as well as through bogus file downloads. Once installed, the CrazyCrypt Ransomware uses an encryption ransomware Trojan to make the victim's files inaccessible. The CrazyCrypt Ransomware can be detected and intercepted by most of the security software in many cases, which stresses the importance of using a good security program to protect your computer. The following are examples of the files that the CrazyCrypt Ransomware will encrypt in its attack:
.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.
The files encrypted by the attack will be marked with the file extension '.[email address].crazy,' which is added to each affected file's name. The CrazyCrypt Ransomware attack has been linked to numerous email addresses.
The CrazyCrypt Ransomware's Ransom Demands
The CrazyCrypt Ransomware delivers a ransom note in the form of a text file named 'FILES ENCRYPTED.txt' dropped on the infected computer's desktop. The CrazyCrypt Ransomware ransom note contains the following text:
'all your data has been locked us
You want to return?
write email: firstname.lastname@example.org
and tell us your unique ID: [random characters]'
The CrazyCrypt Ransomware also displays a pop-up window with the following message:
'All your files have been encrypted!
All your files have been encrypted due to a security problem with your PC.
If you want to restore them, Write us to the e-mail:
Write this ID in the title of your message: E49AD***
The cost of decryption is US $500.
We receive payment only in BITCOINS.
After payment, we will send you the decryption key that will decrypt all your files.
To decrypt the files, transfer money to our bitcoin wallet number:
After payment we will send you the decryption key
Detailed instruction for decryption.
The easiest way to buy bitcoins: https://localbitcoins.com/
Enter Decryption Key Here: [text box]
[I made a payment, now give me my files back|BUTTON]
(Crazy Crypt Online)'
Computer users should not pay the CrazyCrypt Ransomware ransom and avoid contacting the criminals responsible for the CrazyCrypt Ransomware attack.