By CagedTech in Ransomware

Threat Scorecard

Ranking: 11,419
Threat Level: 10 % (Normal)
Infected Computers: 691
First Seen: October 31, 2014
Last Seen: September 4, 2023
OS(es) Affected: Windows

Crowti, also detected as Win32/Crowti, TSPY_ZBOT.SMCC, Cryptowall, Cryptodefense and various other names is a ransomware or lock-screen Trojan. After infecting the targeted computer, Crowti may encrypt your files and lead you to a Web page containing directions on how to access these files. Then, Crowti will ask you to pay a ransom using Bitcoins. Computer users shouldn't pay the asked ransom since no one can assure that this payment will give back the control of your files. Crowti may enter your machine when you click on a link included on a spam e-mail or be installed by other threats such as TrojanDownloader:Win32/Upatre or TrojanDownloader:Win32/Onkods. If your computer was infected by Crowti and you have paid the asked ransom, you always can communicate with your credit card source and dispute the charge. However, the most urgent measure that should be taken is to remove Crowti from the infected machine in order to avoid further harm and get your files working again. You should delete Crowti with an anti-malware device and decrypt the compromised files with a proper device.


Crowti may call the following URLs:

Related Posts


Most Viewed