CryptoBlock Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 16,962 |
Threat Level: | 20 % (Normal) |
Infected Computers: | 19 |
First Seen: | December 20, 2016 |
Last Seen: | July 19, 2023 |
OS(es) Affected: | Windows |
The CryptoBlock Ransomware is a ransomware Trojan. This means that the CryptoBlock Ransomware is designed to take the victim's computers hostage in exchange for ransom. There are several types of ransomware Trojans, the most common including threats that take the victim's computer hostage by using a lock screen to prevent computer users from accessing their data and threats that encrypt the victim's files using a strong encryption algorithm. This second type is by far the strongest type of ransomware Trojan and, in many cases, other ransomware Trojans will pretend to be capable of encrypting files despite not having this function.
Table of Contents
The CryptoBlock Ransomware Encrypts and Blocks Your Files
It is possible that the CryptoBlock Ransomware is still in development. One of the reasons for this assumption is that the first versions of the CryptoBlock Ransomware were uncovered on a threat analysis service, which may be used by con artists to test threats under development to find out if it can evade a security software. The CryptoBlock Ransomware uses a lock screen to block computer users from accessing their computers. the CryptoBlock Ransomware's lock screen is very similar to the lock screen used by CryptoLocker, although there is no relationship between these two threats. The CryptoBlock Ransomware does not change the affected files' extensions and, in its current version, it is incapable of encrypting the victim's files. The CryptoBlock Ransomware instead scrambles the name of all the files it targets, making it a confusing attack that can be effective on inexperienced computer. The current version of the CryptoBlock Ransomware copies the victim's files and scrambles their names, although the original copies remain on the victim's computer unaltered.
The CryptoBlock Ransomware Delivers Its Ransom Demands Via Audio
The CryptoBlock Ransomware's lock screen demands the payment of 0.3 BitCoin (approximately $300 USD at the current exchange rate) to 'decrypt' the affected files. The CryptoBlock Ransomware also plays audio on the victim's computer, which tells victims that their files have been encrypted. The CryptoBlock Ransomware's ransom note includes a BitCoin payment address and a confirm button for victims to confirm that the payment was carried out. When the payment is carried out, a button marked 'Decrypt Files' becomes active. According to the CryptoBlock Ransomware ransom note, the ransom payment doubles every twelve hours if the payment isn't carried out. There also is a timer that indicates that the files will be deleted when it runs out. All of these are currently empty threats since this version of the CryptoBlock Ransomware is incapable of encrypting the victims' files.
The Future of the CryptoBlock Ransomware and How to Deal with this Threat
Although the current version of the CryptoBlock Ransomware does not encrypt files, future versions of the CryptoBlock Ransomware (or its finished version if it is in development currently) may be capable of encrypting the victims' files. Everything about the CryptoBlock Ransomware indicates that the authors of this threat are attempting to create a high-level, sophisticated attack. This makes it likely that the CryptoBlock Ransomware may be released in its full version in the future. The CryptoBlock Ransomware also leads to a payment Web page that is under construction currently. Regardless of the state of the CryptoBlock Ransomware, however, PC security researchers strongly advise computer users against paying the ransom associated with these attacks. Paying the ransom does not guarantee the return of the affected files. Furthermore, paying the CryptoBlock Ransomware's ransom finances the creation and development of the CryptoBlock Ransomware and other ransomware Trojans, putting other computer users in danger. Instead, you should take preventive measures, such as using a reliable anti-malware scanner that is fully up-to- date and having backups of all files.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.