AES encryption algorithm is being used by a ransomware virus, named SuperCrypt which encrypts the files of it’s victims. The virus has been reported to also add the .SUPERCRYPT file extension to the files which it enciphers. The enciphered files can no longer be opened by any software and the only decryption method seems to be paying a hefty ransom fee of 300 euros or 1 BTC to cyber-criminals, as written In a HOW TO DECRYPT FILES.txt text file. It is strongly advisable not to pay any ransom and wait for a decryption while in the mean time try alternative methods like the ones here to restore your files after removing SuperCrypt ransomware.
|Short Description||The SuperCrypt ransomware encrypts files with the AES cipher and asks a ransom of 300 Euros for decryption.|
|Symptoms||Files are encrypted and become inaccessible. A ransom note with instructions for paying the ransom shows as a HOW TO DECRYPT FILES.txt file.|
|Distribution Method||Spam Emails, Email Attachments, File Sharing Networks.|
See If Your System Has Been Affected by SuperCrypt
Malware Removal Tool
|User Experience||Join our forum to Discuss SuperCrypt Ransomware.|
|Data Recovery Tool||Windows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.|
SuperCrypt Ransomware – How Does It Spread
Similar to the Zcrypt ransomware virus, SuperCrypt may be downloaded via several methods. The primary method by which SuperCrypt ransomware may spread is via e-mail. This means that you could see it attack your computer disguised in two forms – malicious URLs as well as attachments, both pretending to be legitimate. This is why it is important to always use e-mail services that have multiple spam filters enabled and also learn to scan e-mail attachments from suspicious senders.
SuperCrypt Ransomware – What Does It Do
As soon as installed on your computer, the SuperCrypt threat may connect itself remotely to the servers of cyber-criminals, allowing it to download the malicious files in several key Windows folders under different names:
After this has been done, the SuperCrypt virus may also create value strings in the Run and RunOnce registry entries:
This is done with the one and only purpose of getting the virus to run automatically when Windows starts. After the SuperCrypt virus runs on a compromised computer, it may encrypt different types of widely used files, like videos, images, audion files and others. Some file extensions, SuperCrypt ransomware may scan for and encipher may be the following:
SuperCrypt ransomware has a very specific algorithm (AES) which it uses to encipher files. It scrambles the source code of the file itself, rendering it unopenable by replacing key digits of the code with the algorithm’s. The virus then generates a unique decryption key which it may send to the C&C (Command and Control) server of the cyber-criminals.
After an encryption has been done, the virus then leaves the following note to inform users their files have been encrypted:
Remove SuperCrypt Ransomware and Restore Your Files
Experts have seen these type of viruses long enough to conclude that they are a very serious threat. However, experience also shows us that paying the ransom to cyber-criminals may not get your files back and helps the crooks further develop their malware and spread it to more computers. This is why it is advisable to remove SuperCrypt. One of the removal methods is by following the instructions for removal below. They are carefully devised to methodologically assist with the deletion of all files associated with SuperCrypt ransomware if you have experience. However, in case you lack technical experience when removing malware, experts advise using an advanced anti-malware tool which can easily make sure all the objects associated with this virus are gone from your computer permanently.
To restore your files, we suggest you to wait for a free decryptor to be released, which may happen sooner or later. While you do that, you are welcome to try the free restoration alternatives in step “2. Restore files encrypted by SuperCrypt” below.
Manually delete SuperCrypt from your computer
Note! Substantial notification about the SuperCrypt threat: Manual removal of SuperCrypt requires interference with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself just in 5 minutes, using a malware removal tool.