CryptON Ransomware Ransomware Overview[]
Malware researchers report that a new Cryptolocker strain has been discovered – the CryptON ransomware. The virus borrows heavily from the core's code base.
Upon infection the virus follows the typical viral behaviour – it encrypts target user data and then extorts the victims for a payment. Aside from this the Crypton ransomware also features some advanced features such as scanning for running processes and spawning new ones. The virus is able to modify Windows files and load malicious code into the host's memory.
CryptON Ransomware Ransomware Note[]
All your files have been encrypted with Crypt ° Locker!
This means that, without a decryption key, recovering your files is not possible. If your files have a value for you and you are willing to pay me for the decryption key, contact me: steaveiwalker@india.com, steavewalker@163.com
You have 3 days to pay for my services. After this period, you will have lost all your files.
Anti-virus software can remove Cryptolocker, but can not decrypt your files. The only way to recover your files – is to pay for the decryption key.
Information for IT Specialists: The data was encrypted with the AES (Rijndael) algorithm with the length of the 256-bit session key. The session key is encrypted with the RSA algorithm (2048 bits). The public key is included in the Cryptolocker. The private key for decryption of the session key is stored only in my database. To break this key, you need more than a million years.
CryptON Ransomware Ransomware Distribution[]
The CryptON Ransomware uses the most popular delivery methods – spam messages, poisoned software bundles and malicious redirects.