KeyPass Ransomware Has Arrived and Can Lead to More Sophisticated Attacks

KeyPass Ransomware Has Arrived and Can Lead to More Sophisticated Attacks

There’s a new strain of ransomware spreading to users globally according to an article published by ZDNet, and its built-in features hint at the possibility of more sophisticated attacks to come.

Its name is KeyPass--first appearing on August 8--and its out to cause chaos as it has already spread to hundreds of victims so far in more than 20 countries around the world through the installation of fake software.

In regards to the highest percentage of KeyPass infections, Brazil and Vietnam have taken the lead, however victims of the ransomware have been reported in regions all over--from South America to Africa, Europe, the Middle East, and even Asia.

Researchers from Kaspersky Lab examined the ransomware strain and noticed quite an unexpected feature: it has the additional option for an attacker to manually control an infected system by customizing such things as encryption key, text of the ransom note, or list of paths that can be excluded from the encryption process, thereby allowing more sophisticated attacks on infected networks.

Victims of the KeyPass ransomware are met with a displayed note on their screen that details how all files have been encrypted with the file extension “.KEYPASS”. For a hefty price of $300, affected users will be able to decrypt their files by purchasing “decrypt software”. The price increases 72 hours post-infection if contact isn’t made with the attackers.

Source: Kaspersky Lab

Source: Kaspersky Lab

While other ransomware cyber criminals demand Bitcoin as a form of payment (as seen on the encryption prompt screen), the KeyPass ransom note doesn’t include information on the type of payment required. Victims are only urged to contact the provided email addresses that are registered to Switzerland and India.

Due to the fact that users could register for those email addresses from anywhere, the identity or actual location of the attackers remains unknown.

As of now, there is no way to decrypt your files without avoiding the ransom payment, but it’s best to make certain your files are backed up through a backup software or hardware.

Ransomware researchers and authorities have advised against paying the ransom, but many users in desperate need for file recovery ignore this instruction in order to have their systems back online without delay. The problem with paying the costly ransom is that there is never a guarantee of file decryption, ultimately leaving users stranded with locked systems.

As this ransomware strain is on the move, now is the perfect time to make certain all your systems are up-to-date. Additionally, take the time to back up your files by using a backup software like reevert. Reevert is designed with ransomware protection in mind. Our backup and storage solution puts users at ease, as files are stored by hourly data snapshots that can easily be recovered within seconds in the emergency of a ransomware attack.

Don’t be the next victim to KeyPass ransomware; see how reevert can help you back up your precious data today. Click here for more information on how reevert can help your business stay safe!

To view the original article, please click the link here.

Try Us

Free Trial    Watch Demo


For a hassle free 30 day trial, click the "Free Trial" button, download and deploy a copy of the appliance. No Credit Card required.