Threat Database Ransomware Ransomware Ransomware

By GoldSparrow in Ransomware

The Ransomware is a file encoder Trojan that was reported on May 16th, 2018. Computer security researchers alert that threat actors are using logos from trusted Internet service provides online shops and social networks to lure PC users into opening a macro-enabled document that installs the Ransomware on their machines.

The threat is very similar to older Trojans like the Cry9 Ransomware and the Cry36 Ransomware that is because the Trojan at hand is based on the same source — the Crypton Ransomware. The Ransomware features small modifications compared to earlier releases and the most obvious one is the use of a new email account to contact victims. Changes under the hood include a new set of ‘Command and Control’ servers, as well as modified encryption algorithms. The Ransomware deletes the Shadow Volume snapshots and the System Restore points, which means that you will need backup images and system recovery disks if you encounter this threat. We have seen the Ransomware encipher data in the following formats:

.3gp, .7z, .apk, .avi, .bmp, .cdr, .cer, .chm, .conf, .css, .csv, .dat, .db, .dbf, .djvu, .dbx, .docm, doc, .epub, .docx, .fb2, .flv, .gif, .gz, .iso .ibooks, .jpeg, .jpg, .key, .mdb .md2, .mdf, .mobi, .mkv, .mov, .mp3, .mp4, .mpg .mpeg, .pict, .pdf, .pps, .pkg, .png, .ppt .pptx, .rar, .rtf, .scr, .swf, .sav, .tiff, .tif, .tbl, .torrent, .txt, .vsd, .wmv, .xls, .xlsx, .xps, .xml, .zip, .js, .php, .rbw, .rb, .mrg, .dcx, .db3, .sql, .sqlite3, .sqlite, .sqlitedb, .psd, .psp, .pdb.

It is likely that the affected users would not have access to content that can be read using software like MySQL, MongoDB, Microsoft Office, VLC Media Player, 7Zip, FastStone Image Viewer and other desktop applications. The Trojan loads the ransom note as ‘HOWTODECRYPTFILES.html’ that is saved to the desktop and offers the following text:

‘All files are encrypted!
CryptON Ransomware

To decrypt files, you need to purchase special software <>
Restore the data, follow the instructions!

You can learn more / request e-mail:
You can learn more/questions in the chat:
h[tt]ps://cryptxf3zamy56fz.tor2we[.]link (not need Tor)
h[tt]ps://cryptxf3zamy56fz.onion[.]plus (not need Tor)
h[tt]ps://cryptxf3zamy56fz[.]onion (need Tor)
You can learn more problem out Bitmessage:
h[tt]ps://bitmessage[.]me/BM-[random characters]’

It is possible to counter threats like Ransomware with the help of a trusted anti-malware shield and a good backup manager. We advise against contact with the threat authors via ‘’ as you may be invited to pay hundreds of dollars worth of Bitcoin and lose your money. PC users who want to protect their data against power outages, system crashes, and crypto-threat may be interested in what Google Inc., Dropbox Inc., and Microsoft Corp. have to offer.

1 Comment

I was a victim of this ransomed ware yesterday....My laptop was down...i cant use it...I have a question this ransomed ware can affect DATA D???


Most Viewed