Following the release of decryption tools for two versions of the program ransomware CryptXXX in April and May of 2016, the Kaspersky Lab presents the new decryption tool for files that have been locked in the latest version of malware. This malicious program was able to "infect" thousands of computers worldwide since April of 2016, and the files that were "infected" by it were impossible to decrypt completely. But no longer. 
The free tool RannohDecryptor of Kaspersky Lab can decrypt most files with extensions.crypt,.cryp1 and.crypz.
CryptXXX is one of the most actively distributed and dangerous "families" of ransomware programs: For a long time, cyber criminals used Angler and Neutrino exploit kits to "pollute" their victims with this malware. These two kits were considered among the most effective ones in terms of "infecting" goals successfully.
Από τον Απρίλιο του 2016, τα προϊόντα της Kaspersky Lab έχουν καταχωρήσει επιθέσεις του CryptXXX εναντίον τουλάχιστον 80.000 χρηστών σε όλο τον κόσμο. Οι περισσότεροι από τους μισούς εξ αυτών προέρχονται κυρίως από έξι χώρες: τις ΗΠΑ, τη Ρωσία, τη Γερμανία, την Ιαπωνία, την India and Canada. But these are only users who were protected by Kaspersky Lab's detection technologies. Unfortunately, the total number of users who have been attacked is much higher.
Actual figures are not known, but Kaspersky Lab experts estimate that there may be several hundred thousands of "infected" users.
"Our usual advice to the victims of the various" families " ransomware is this: even if there is currently no decryption tool available for the malware version that has encrypted your files, please do not ransom the criminals. Save the corrupted files and be patient - the chances of a decryption tool in the near future are very high. We consider his case CryptXXX v.3 as proof of this advice. Lots of experts in her field better safetys worldwide are working hard to be able to help the victims of the programs ransomware. Sooner or later, the solution for the overwhelming majority will be found ransomware» said Anton Ivanov, Kaspersky Lab's security expert.
The decryption tool can be downloaded from by clicking here Kaspersky Lab and from Nomoreransom.org - the website of the non-profit initiative launched this year by the Dutch National Police Criminal Investigation Directorate, the Europol European Cybercrime Center together with two private digital security companies, Kaspersky Lab and Intel Security, to provide help victims of ransomware malware recover their encrypted data without having to pay criminals. The global fight against ransomware continues at a rapid pace, with more than 30 new partners, both public and private, joining forces to actively contribute to the No More Ransom initiative.
"Our data shows that in the last year the attacks on businesses have tripled, which means there is a significant change in attack frequency, from every 2 minutes to one every 40 seconds. For individual users, the rate of increase exceeded 20 seconds per attack and reached one attack every 10 seconds. This was accompanied by an increase in new types of ransomware. Too many people still believed they had no alternative but to pay the required ransom, even though it is known that many of those who paid the ransom never got their files back – including one in five businesses. For that, this particular development now provides a life-saving alternative as it allows you to unlock your files without paying a ransom.” said Jornt van der Wiel, a security researcher at Kaspersky Lab's Worldwide Research and Analysis Group.
Download RannohDecryptor.zip.
