A new ransomware variant is using the “.crypz” extension!

“.crypz” is the latest file-encrypting threat spreading online.

A new ransomware variant was detected a few hours ago. Victims are reporting that their files have been encrypted and given the .crypz extension. At first sight, this appears to be another ransomware version from the CryptXXX 3.0 family. Research and analysis are still under way, and more details about this new infection are yet to be revealed.

Files encrypted with the “.crypz” extension!

The “.crypz” ransomware threat comes just a few days after the notorious cryp1 variant was released. The activity of this new form of online robbery is growing faster than expected. According to security researchers, the CryptXXX ransomware family is rapidly increasing the number of malicious scripts it uses to infect users. Moreover, it appears to be re-branding itself as UltraCrypter, because it uses a handful of different encryption variants.

“.crypz” is so far the only file extension associated with this new threat. It has already infected its first victims, locking their data and asking for a ransom. Like typical ransomware, the “.crypz” infection sneaks into the system unnoticed. Usually, the infection happens with the help of other malware, such as a Trojan horse, that has already compromised the computer. The “.crypz” ransomware uses the vulnerability created by the Trojan to introduce itself into the system. There are hardly any symptoms during the encryption process, so victims are usually unable to detect what is happening to their PC until a ransom note appears on their screen. As with cryp1, it is very likely that .crypz can also spread to other computers connected to a network.

“.crypz” locks the victim’s data with a strong encryption algorithm, and from then on the files are impossible to open without the proper key. They are held hostage for a ransom, the amount of which is indicated in the ransom note. This new encryption algorithm is yet to be analyzed by security experts. If it is proven to originate from the CryptXXX family, decryption could be a real challenge for the experts, since there are still no fully workable solutions for the encryption used by this family of ransomware.

Unfortunately, a solution to fully decrypt the .crypz encryption is not available yet. However, if you are infected, it is worth trying to restore some of your files with the instructions in this guide. It may help you minimize the losses. Bear in mind that cybercriminals keep coming up with new and stronger encryption methods to ensure that there is no other way to get your data back unless you pay the ransom. But paying the ransom is a bad idea unless you really have no other option. Therefore, our “How to remove” team would advise you not to give up and to try everything possible not to pay a penny to the hackers behind this (or any other) ransomware.



