CryptXXX 3.0 Beats Kaspersky Labs Decryption Tool Again


Just a few days ago, we reported how Kaspersky Labs had been able to crack the CryptXXX decryption code and create a tool that lets users restore file access without paying the Bitcoin ransom. The latest CryptXXX update nullifies this tool entirely, and security researchers are back to square one.


RannohDecryptor is the tool Kaspersky Labs has created to let users bypass the Bitcoin ransom after getting infected with CryptXXX. It did not take long for the malware creators to come up with a solution that makes this tool all but useless, and version 3.0 of this ransomware was released a few days ago.

CryptXXX Version 3.0 Is Here


Although there is no tool available to combat CryptXXX 3.0 right now, computer users dealing with this infection are advised not to pay the Bitcoin ransom. Given these recent changes to the encryption algorithm, security researchers are concerned that paying the fee will not necessarily result in receiving a decryption key.

Kaspersky Labs advises users to hold off on acting on the infection itself until security researchers come up with a revised version of RannohDecryptor. However, that may be easier said than done, as it can take anywhere from a few days to several weeks until a solution has been found. Given the fact that Kaspersky Labs managed to break the CryptXXX encryption algorithm twice already, there is a good chance they will continue that streak, though.

This new evolution of CryptXXX comes on the heels of TeslaCrypt developers shutting down their ransomware strain and releasing the master decryption key to the public. Some people assumed this was the end for ransomware infections around the world, but it is safe to say this threat seems far from over.

Cerber, which is another strain of Bitcoin ransomware, has undergone some major changes recently as well. Besides infecting a device and ensuring the user can’t access the computer files, the new version of Cerber will make infected devices part of a botnet to execute DDoS attacks. Each generation of ransomware keeps evolving into a more severe threat than the previous one, and CryptXXX seems to be following that lead.

How long will it take before this new version of CryptXXX can be decrypted through a free tool? Let us know your thoughts and predictions down below!

Source: Bleeping Computer

Images courtesy of Shutterstock, Kaspersky Labs

Jp Buntinx


JP Buntinx is a freelance Bitcoin writer and Bitcoin journalist for various digital currency news outlets around the world. In other notes, Jean-Pierre is an active member of the Belgian Bitcoin Association, and occasionally attends various Bitcoin Meetups in Ghent and Brussels.

  • facepalmfrank

    Initially the hackers supplied a non-working decrypter after paying.

    Now it seems to be working based on most reports, although it is advised to avoid paying the ransom.

    Hopefully this version will be cracked like the previous ones sooner or later.

  • Gabriel El Sol

    I think that CryptXXX 3 won’t give up soon. Its popularity has been increasing just like Teslacrypt’s. In fact, it seems that these two viruses belong to the same developers:

  • John Astle

    Yes you are correct, I have found the same here – Removal Of CryptXXX, and also here – Uninstall CryptXXX 2.0