CryptXXX ransomware has been on Kaspersky's radar for quite some time now, as the security firm is doing everything it can to let victims restore file access without paying the Bitcoin fee. A similar attempt was made earlier this year, but the CryptXXX creators quickly patched the flaw that made it possible.
Kaspersky Is Not Giving Up On Fighting CryptXXX
There is hardly anything more annoying than dealing with Bitcoin ransomware these days. Not only does this malware encrypt nearly every file on one’s computer or network, but it is also impossible to restore file access with a backup. This has been a thorn in the side for consumers and enterprises all over the world for several months now.
But there is a silver lining, as Kaspersky Labs is trying to outsmart the CryptXXX creators. Or to be more precise, this is the security firm’s second attempt at doing so, after pointing out how the developers made several critical errors back in April of 2016. The security firm released a decryption tool that would allow victims to restore file access without paying the Bitcoin ransom.
However, the CryptXXX ransomware developers took exception to this attempt by Kaspersky Labs and updated their code shortly afterwards. Once the new version of this malware was released, security experts were back to square one in an attempt to come up with a decryption tool for victims all over the world.
With a new update to its decryption tool, called RannohDecryptor, the team appears to have broken the revamped CryptXXX encryption. Victims will no longer need to supply an original, unencrypted copy of one of their files for RannohDecryptor to find a decryption key.
It will be interesting to see how long this solution will work, as it is doubtful the CryptXXX developers will give up the fight so easily. Bitcoin ransomware distribution has proven to be a very lucrative business model. Computer users all over the world need to be vigilant at all times and ensure their antivirus definitions and operating system are always up to date.