Threat Database Ransomware CryptoBlock Ransomware

CryptoBlock Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Ranking: 16,962
Threat Level: 20 % (Normal)
Infected Computers: 19
First Seen: December 20, 2016
Last Seen: July 19, 2023
OS(es) Affected: Windows

The CryptoBlock Ransomware is a ransomware Trojan. This means that the CryptoBlock Ransomware is designed to take the victim's computers hostage in exchange for ransom. There are several types of ransomware Trojans, the most common including threats that take the victim's computer hostage by using a lock screen to prevent computer users from accessing their data and threats that encrypt the victim's files using a strong encryption algorithm. This second type is by far the strongest type of ransomware Trojan and, in many cases, other ransomware Trojans will pretend to be capable of encrypting files despite not having this function.

The CryptoBlock Ransomware Encrypts and Blocks Your Files

It is possible that the CryptoBlock Ransomware is still in development. One of the reasons for this assumption is that the first versions of the CryptoBlock Ransomware were uncovered on a threat analysis service, which may be used by con artists to test threats under development to find out if it can evade a security software. The CryptoBlock Ransomware uses a lock screen to block computer users from accessing their computers. the CryptoBlock Ransomware's lock screen is very similar to the lock screen used by CryptoLocker, although there is no relationship between these two threats. The CryptoBlock Ransomware does not change the affected files' extensions and, in its current version, it is incapable of encrypting the victim's files. The CryptoBlock Ransomware instead scrambles the name of all the files it targets, making it a confusing attack that can be effective on inexperienced computer. The current version of the CryptoBlock Ransomware copies the victim's files and scrambles their names, although the original copies remain on the victim's computer unaltered.

The CryptoBlock Ransomware Delivers Its Ransom Demands Via Audio

The CryptoBlock Ransomware's lock screen demands the payment of 0.3 BitCoin (approximately $300 USD at the current exchange rate) to 'decrypt' the affected files. The CryptoBlock Ransomware also plays audio on the victim's computer, which tells victims that their files have been encrypted. The CryptoBlock Ransomware's ransom note includes a BitCoin payment address and a confirm button for victims to confirm that the payment was carried out. When the payment is carried out, a button marked 'Decrypt Files' becomes active. According to the CryptoBlock Ransomware ransom note, the ransom payment doubles every twelve hours if the payment isn't carried out. There also is a timer that indicates that the files will be deleted when it runs out. All of these are currently empty threats since this version of the CryptoBlock Ransomware is incapable of encrypting the victims' files.

The Future of the CryptoBlock Ransomware and How to Deal with this Threat

Although the current version of the CryptoBlock Ransomware does not encrypt files, future versions of the CryptoBlock Ransomware (or its finished version if it is in development currently) may be capable of encrypting the victims' files. Everything about the CryptoBlock Ransomware indicates that the authors of this threat are attempting to create a high-level, sophisticated attack. This makes it likely that the CryptoBlock Ransomware may be released in its full version in the future. The CryptoBlock Ransomware also leads to a payment Web page that is under construction currently. Regardless of the state of the CryptoBlock Ransomware, however, PC security researchers strongly advise computer users against paying the ransom associated with these attacks. Paying the ransom does not guarantee the return of the affected files. Furthermore, paying the CryptoBlock Ransomware's ransom finances the creation and development of the CryptoBlock Ransomware and other ransomware Trojans, putting other computer users in danger. Instead, you should take preventive measures, such as using a reliable anti-malware scanner that is fully up-to- date and having backups of all files.

Trending

Most Viewed

Loading...