News

New Cry Ransomware by the Central Security Treatment Organization

A new ransomware has been discovered by MalwareHunterTeam and it’s nothing short of calculated. A fake organization, the Central Security Treatment Organization (or Cry), has released this new strain of malware that works to encrypt your files and append the .cry extension to said files. Once encrypted, they demand approximately 1.1 bitcoins or the equivalent of $625 USD for the decryption key.

As of now, researchers have yet to discover a free decryption key. Researchers are analyzing the virus now but it’s clear that this was well-developed by seasoned coders. According to the article by KnowBe4, we should soon expect a massive wave of attacks.

Larry Abrams of Bleepingcomputer says, “For example, like Cerber, this ransomware will send information about the victim to the Command & Control server using UDP. Furthermore, it will also use public sites such as Imgur.com and Pastee.org to host information about each of the victims. Last, but not least, it will query the Google Maps API to determine the victim's location using nearby wireless SSIDs."

Their resources are extensive and their list of features prove to be the same: (via KnowBe4.com)

  • Uses UDP to communicate with the Command & Control Server to evade detection
  • Uses social networks to upload and host information about the victims using fake PNG files
  • Queries Google Maps API to identify victim location using nearby wireless SSID's (!)
  • Deletes the system Shadow Volume Copies
  • Stays persistent after reboots
  • Uses TOR payment site that requires the victim's personal ID from ransomnote
  • Has functioning support page to communicate with the criminals
  • Includes a free (drag & drop, imagine that) decryption of one file to prove the files can be decrypted

They give you a sample drag & drop decryption (for one file) to show you that the files can truly be decrypted. However, we advise you to test this feature before paying the ransom in the event that you do not have up-to-date backups in place. Ransomware has become some tough competition and the only way to win is to stay ahead of the game. Reevert has been designed to protect your data against all types of ransomware and other malware attacks. Don’t wait until it is too late; we offer a 30 day hassle free trial. Download reevert and protect your data now.

Click here to see reevert’s features and benefits.

Try Us

Free Trial    Watch Demo

 

For a hassle free 30 day trial, click the "Free Trial" button, download and deploy a copy of the appliance. No Credit Card required.