Η Kaspersky announced that it has successfully decrypted the CryptXXX ransomware.
More specifically, Kaspersky's John Snow reports that his victims malicioussoftware can decrypt them data them without having to pay the ransom demanded by the fraudsters.
CryptXXX was discovered in mid-April by the company security Proofpoint, which said it originates from the developers of Reveton and spreads via the Angler exploit kit.
Fraudsters using CryptXXX required 500 dollars from each encrypted system, and Proofpoint notes that it is one of the highest amounts ever requested by similar software.
Ransomware encrypts the files on the victim's computer but also on the peripheral storage units connected to the machine.
Attackers also steal Bitcoins that are stored on victim's hard drives.
Note that although CryptXXX uses RSA4096 encryption, Snow said it was not "so hard to crack."
So the company added decryption mode to the RannohDecryptor ransomware decryption tool.
Download RannohDecryptor and read the company's detailed instructions for decrypting infected files:
