Following the release of decryption tools for two versions of the program ransomware CryptXXX in April and May of 2016, the Kaspersky Lab presents the new decryption tool for archives which are locked with the latest version of the malware. This malicious program was capable of infecting thousands of computers worldwide since April 2016, and files infected by it were impossible to fully decrypt. But not anymore.
CryptXXX is one of the most actively distributed and dangerous "families" of ransomware programs: For a long time, cyber criminals used Angler and Neutrino exploit kits to "pollute" their victims with this malware. These two kits were considered among the most effective ones in terms of "infecting" goals successfully.
As of April 2016, Kaspersky Lab products have registered CryptXXX attacks against at least 80.000 users worldwide. More than half of them come mainly from six countries: the USA, Russia, Germany, the Japan, The India και τον Καναδά. Αλλά αυτοί είναι μόνο χρήστες που προστατεύονταν από τις technologies Kaspersky Lab detection. Unfortunately, the total number of users who have been attacked is much higher.
Actual figures are not known, but Kaspersky Lab experts estimate that there may be several hundred thousands of "infected" users.
"Our usual advice to the victims of the various" families " ransomware is this: even if it does not exist today available decryption tool for the release of malware that has encrypted your files, please do not ransom the criminals. Save the corrupted files and be patient - the chances of a decryption tool in the near future are very high. We consider his case CryptXXX v.3 as proof of this advice. A number of security specialists worldwide work hard to be able to help the victims of the programs ransomware. Sooner or later, the solution for the overwhelming majority will be found ransomware» said Anton Ivanov, Kaspersky Lab's security expert.
The decryption tool can be downloaded from by clicking here Kaspersky Lab and from Nomoreransom.org – the webσελίδα της μη κερδοσκοπικής πρωτοβουλίας που ξεκίνησε φέτος από την Εθνική Διεύθυνση Εγκληματολογικών Ερευνών της Ολλανδικής Αστυνομίας, το Ευρωπαϊκό κέντρο ηλεκτρονικού εγκλήματος της Europol μαζί με δύο εταιρείες ψηφιακής ασφάλειας από τον ιδιωτικό τομέα, την Kaspersky Lab και την Intel Security, με στόχο την παροχή βοήθειας προς τα θύματα των κακόβουλων προγραμμάτων ransomware να ανακτήσουν τα κρυπτογραφημένα δεδομένα τους, χωρίς να χρειάζεται να πληρώσουν τους εγκληματίες. Ο παγκόσμιος race ενάντια στα συστήματα ransomware συνεχίζεται με γοργούς ρυθμούς, με περισσότερους από 30 νέους εταίρους, τόσο από το δημόσιο όσο και τον ιδιωτικό τομέα, να ενώνουν τις δυνάμεις τους συμβάλλοντας ενεργά στην πρωτοβουλία «No More Ransom».
"The data show us that in the last year attacks on businesses have tripled, which means that there is a significant change in frequency of attacks, from every 2 minutes to one every 40 seconds. For individual users, the rate of increase exceeded 20 seconds per attack and reached one attack every 10 seconds. This was accompanied by an increase in new types of ransomware. Too many people still believed they had no alternative but to pay the required ransom, even though it is known that many of those who paid the ransom never got their files back – including one in five businesses. For that, this development now provides a life-saving alternative as it allows you to unlock your files without paying a ransom.” said Jornt van der Wiel, a security researcher at Kaspersky Lab's Worldwide Research and Analysis Group.