Just a few days ago, we reported how Kaspersky Labs has been able to crack the CryptXXX decryption code and create a tool which lets users restore file access without paying the Bitcoin ransom. The latest CryptXXX update nullifies this tool entirely, and security researchers are back to square one.
RannohDecryptor is the tool Kaspersky Labs has created to let users bypass the Bitcoin ransom after getting infected with CryptXXX. It did not take long for the malware creators to come up with a solution that makes this tool all but useless, and version 3.0 of this ransomware was released a few days ago.
Albeit there is no available tool to combat CryptXXX 3.0 right now, computer users dealing with this infection are advised not to pay the Bitcoin ransom. Given these recent changes to the encryption algorithm, security researchers are concerned that paying the fee will not necessarily result in received a decryption key.
Kaspersky Labs advises users to hold off on acting on the infection itself until security researchers come up with a revised version of RannohDecryptor. However, that may be easier said than done, as it can take anywhere from a few days so several weeks until a solution has been found. Given the fact Kaspersky Labs managed to break the CryptXXX encryption algorithm twice already, there is a good chance they will continue that streak, though.
This new evolution of CryptXXX comes on the heels of TeslaCrypt developers shutting down their ransomware strain and releasing the master decryption key to the public. Some people assumed this was the end for ransomware infections around the world, but it is safe to say this threat seems far from over.
Cerber, which is another strain of Bitcoin ransomware, has undergone some major changes recently as well. Other than infecting a device and ensuring the user can’t access the computer files, the new version of Cerber will make infected devices part of a botnet to execute DDoS attacks. Ransomware keeps evolving into a more severe threat than the previous generation, and CryptXXX seems to be following that lead by example.
How long will it take before this new version of CryptXXX can be decrypted through a free tool? Let us know your thoughts and predictions down below!
Source: Bleeping Computer
Images courtesy of Shutterstock, Kaspersky Labs
1 Hova Villas Brighton & Hove
BN3 3DH United Kingdom
All rights reserved by Bitcoinist Ltd. | 2016.