Experts have detected a new file-encrypting ransomware, dubbed SuperCrypt, in the middle of October this year. Like another popular ransomware like CryptoWall and CryptoLocker, the recently reported SuperCrypt encrypts certain files on the compromised computer and displays a ransom message on the desktop.
How Is SuperCrypt Distributed to the Victim’s PC?
Reportedly SuperCrypt is delivered to the infected machine by:
- Manual hacking of remote desktop.
- Terminal services on the compromised computer.
As soon as the ransomware developers are given access to the targeted computer, they will install SuperCrypt and start the encryption process. As the file-encrypting process is completed, the crooks will remove the ransomware samples from the victim’s computer. Experts report that the majority of the affected PCs are located in Europe.
The SuperCrypt Infection
As a file is encrypted, its extension gets changed to . SUPERCRYPT. The ransom message is in the form of a text document titled How-To-Decrypt-Your-Files and is located on the user’s desktop. The note contains a unique infection ID for each machine, along with instructions to send the ID and an encrypted file to the ransomware developers to a certain email address. The crooks will then decrypt the file submitted from the victim as a proof that they are able to retrieve the data. Then the user is sent detailed instructions on how to pay the requested fee for the decryption of all files. Currently, the hackers are demanding 300 Euros paid in the form Ukash vouchers; the other option is to send them one Bitcoin. As soon as the transaction is completed, the user is provided with a decryption program.
The text file containing the ransom message and the payment details is something in the lines of:
→“In case you are reading this text file, then ALL your FILES are ENCRYPTED.
The only way to recover them is to contact us on firstname.lastname@example.org
We are the only ones capable of completely recovering your files.
Attach following to your email:
1. Text file with your ID.
2.One of the encrypted files.
We will provide you with our conditions after we check your ID and send you back the decrypted file as proof that we are in a possession of the decrypter.“
Remove SuperCrypt Ransomware Automatically with Spy Hunter Malware – Removal Tool.
To clean your computer with the award-winning software Spy Hunter –
It is highly recommended to run a FREE scan before purchasing the full version of the software to make sure that the current version of the malware can be detected by SpyHunter.