Security Alerts & News
by Tymoteusz A. Góral

History
#1027 New CryptXXX can evade detection, outsmart decryption tools
The new version of the CryptXXX ransomware is spreading primarily through spam, said Caleb Fenton, senior security researcher at SentinelOne, in a technical description of the find posted Monday.

CryptXXX has been a fast-moving target for researchers, considered by some to be the “hot new kid on the block” when it comes to ransomware – even nipping at the heels of the notorious Locky ransomware in infection rates and distribution. In May, cybercriminals released an updated version of the ransomware, CryptXXX 3.100, that includes a new StillerX credential-stealing module, giving attackers additional ways to monetize an attack.

Now, SentinelOne reports, cybercriminals have updated CryptXXX again, tweaking the encryption engine further to prevent unspecified free decryption tools from working. According to a Kaspersky Lab support page, the RannohDecryptor utility worked on numerous updated versions of the CryptXXX ransomware. However, in late May, with the 3.100 release of CryptXXX, RannohDecryptor was no longer able to decrypt files encrypted by that version, although it is still effective for early versions of the ransomware.