SensorsTechForum - How to Technology and PC Security Forum

PC Security and Protection => Malware Removal Questions and Guides => Topic started by: Execute on May 30, 2016, 05:35:27 pm

Title: UltraCrypter a.k.a. Cryp1 Ransomware is here! (CryptXXX 3.0 version)
Post by: Execute on May 30, 2016, 05:35:27 pm
CryptXXX 3.0 is back with a new version. The rebranded ransomware is tougher than before.

After the initial release of CryptXXX 3.0 where the decryption tool provided by the cyber criminals was broken,
UltraCrypter is here. Also known as Cryp1, the new version of the ransomware provides a "special" decrypter.
Kaspersky and other researchers should eventually find flaws in the code and help people by providing a decryption tool.

The ransomware locks files with the .cryp1 extension. You can read more about it in our blog article:
http://sensorstechforum.com/remove-cryp1-ultracrypter-ransomware-restore-cryp1-files/ (http://sensorstechforum.com/remove-cryp1-ultracrypter-ransomware-restore-cryp1-files/)


This is an open, discussion topic. Ask any questions you have related to the ransomware, add new information if you find such,
share your opinion and ideas on what you think about the virus or in what ways UltraCrypter can be defeated.
Title: Re: UltraCrypter a.k.a. Cryp1 Ransomware is here! (CryptXXX 3.0 version)
Post by: Execute on May 31, 2016, 02:13:56 pm
TrendMicro have improved one of their tools for decryption, and now it seems to work with the third variant of CryptXXX.
If it works with CryptXXX 3.0, it might work with UltraCrypter as well. You can check it on TrendMicro's site here (http://esupport.trendmicro.com/solution/en-US/1114221.aspx).

Note! For now only partial recovery of the files is possible.
Title: Re: UltraCrypter a.k.a. Cryp1 Ransomware is here! (CryptXXX 3.0 version)
Post by: mcinn on June 01, 2016, 09:51:55 am
Whatever happens, I bet that the cyber criminals operating this ransomware won't just give up and will likely come up with a new and better crypto virus...
Title: Re: UltraCrypter a.k.a. Cryp1 Ransomware is here! (CryptXXX 3.0 version)
Post by: sentience on June 01, 2016, 05:28:09 pm
I’m really happy to hear some good news. If the “white hats” succeed to improve their decryption tool, it will be of great use for many infected people. I’m curious to understand what will happen next, so I’ll keep following this topic.
Title: Re: UltraCrypter a.k.a. Cryp1 Ransomware is here! (CryptXXX 3.0 version)
Post by: Execute on June 02, 2016, 10:59:42 am
The owners of CryptXXX proved to be very stubborn, so they probably will make more ransomware indeed.
Researchers on the other hand also put up a fight, so they won't just call it a draw...

I hope the cyber crooks eventully just give up. We shall see...