Kaspersky Lab develops new tool to edit encrypted files

May

2

2016

Kaspersky Lab experts developed a tool for decryption to help victims of malicious software ransom CryptXXX to restore encrypted files, as part of what she said it is continuing its commitment to protect users from the latest malicious software ransom.

Russian company specializing in information security and pointed out that the malicious software ransom CryptXXX specifically targeting Windows machines in order to close the files and copy the data and theft of digital currency Bitcoin.

She Kaspersky Lab that CryptXXX are malicious software ransom distribution to Internet users via e – mail spam, which contain infected attachments or malicious THE SOFTWARE links to malicious sites, and that the web pages that host phishing tool EK distribute malicious code.

When substantiated the CryptXXX encrypts the infected system files and add an extension dot Krebt .crypt to the file name, then be informed of the victims had been encrypt files (through encryption process more powerful SA-4096) and that he is required to pay a ransom of digital currency if desired victims in their own data recovery.

Kaspersky Lab noted that with more than 50 sets of malicious software currently deployed ransom on the Internet, there is no single global system to counter the threat or impact of such attacks. However, in the case of malicious software CryptXXX criminals claims on RSA-4096 process turned out to be only for the purpose of flaunting.

The company said that thanks to the efforts made by Fedor Senitezan, Senior Analyst malicious programs in the Kaspersky Lab, who developed the tool, the victims can be sure that if I found a software malicious ransom CryptXXX way into their computers, it is still possible to restore files without paying ransom .

In order to decrypt the affected files, the Kaspersky Lab tool need the original version (unencrypted) of at least one file, infected with malicious THE SOFTWARE CryptXXX.

Kaspersky Lab explained that users of its solutions are protected by more than where it was discovered phishing tool (EK) used by malicious software ransom CryptXXX in the early stages of infection by automatic protection from exploitation technology offered by Kaspersky Lab solutions.

And discover Kaspersky Lab products of these phishing tool under the following results HEUR: Exploit.SWF.Agent.gen, PDM: Exploit.Win32.Generic, HEUR: Exploit.Script.Generic ..

In order for users to protect themselves from infection, the company said that they have to keep backup copies of your files on a regular basis, as well as to update their devices all significant for the operating system and tools matching updates, as the phishing tool that is used in malicious programs CryptXXX, exploiting the weaknesses of programs to download and install programs ransom malware.

The company also recommended that users install a security solutions, such as its own solution Internet Security Kaspersky Internet Security multi-layered protection against malicious software ransom.

Companies can use the Kaspersky security solutions to protect Windows application server because these solutions include anti-Cryptor encryption technology that is designed to protect IT infrastructure from malicious information cryptomalware encryption programs.

Viewing:-155

In: Technology & Gadgets Asked By: [15187 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »