Ransom is a sort of malware that blocks or restricts the users from accessing their devices. After that user may end up paying the amount demanded by the ransomware program via online payment methods. Ransomwares usually encrypt the user data and then force the victim to pay money

Here is How To Remove CryptXXX Ransomware With Kaspersky’s Free Decryption Tool

Software company, Kaspersky has developed a tool that can be used to decrypt files on computers affected by CryptXXX ransomware. The researchers from Kaspersky have managed to crack the CryptXXX ransomware code and have released a free tool for users to recover their files without paying a ransom.

CryptXXX was first found by Proofpoint researchers in April. The researchers found that this ransomware is closely associated to the Reveton ransomware operation and Angler/Bedep. The ransomware programs unusually encrypt files and then demand a ransom which the user has to pay via Bitcoin. However, the demands vary depending upon various ransomwares. Some ransomwares even demand Apple iTunes Gift cards, but Kaspersky’s free decryption tool allows you to recover files without paying a penny.

RannohDecryptor from Kaspersky clears systems of both Rannoh and CryptXXX malware if there is at least one original file which has not been affected by a ransomware. CryptXXX uses RSA4096, John Snow from Kaspersky says that “very curious and greedy: not only does it encrypt the files, but it also steals bitcoins kept on victims’ hard drives and copies other data, which can be useful for cybercriminals”.

Kaspersky mentioned some steps to get rid of the ransomware :

  1. Download the tool and launch it.
  2. Open Settings and choose drive types (removable, network or hard drive) for scanning. Don’t check the “Delete crypted files after decryption” option until you are 100% that decrypted files open properly.
  3. Click the “Start scan” link and choose where the encrypted .crypt file lies (that file, for which you have an unencrypted copy as well).
  4. Then the tool will ask for the original file.
  5. After that RannohDecryptor starts searching for all other files with “.crypt” extension and tries to decrypt all files, which weigh less than your original. The bigger file you’ve feed to the utility — the more files would be decrypted.

“It’s better not to tempt fate and prevent CryptXXX from infecting your PC beforehand,” Snow says.

“Our decryption tool works today, but criminals can soon release a new version of the same ransomware that would be smarter. Very often culprits change malware code in such a way that it becomes impossible to decrypt infected files.”

In order to protect yourself from malware attacks, download a reputed antivirus software and a scanner in order to check for malicious files, downloads, processes in your system.

2 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here