Ransomware battle heats up – costing $500 per computer

If you are searching for the ‘Google Decrypter’ tool, chances are very high that you have been targeted by the CryptXXX ransomware. CryptXXX claims that you have to buy the ‘Google Decrypter’ in order to regain access to your encrypted files. There is a chance that you will get your files back once you buy it, but paying leaves you open to future attacks, because you are then known as a victim who pays.

My advice: disconnect the device from the network and reinstall the device.

The team from Proofpoint published a post about the CryptXXX ransomware. In their post they state that they think this is the same team that was behind the Reveton ‘Police Locker’ ransomware.

We have not confirmed that a payment via the “personal home page” referenced above will unlock the screen. However, based on Reveton “Police locker” history (as noted previously, the authors responsible for CryptXXX were also behind Reveton), we expect this is an included feature in the ransomware, meaning the computer is probably contacting the C&C routinely to check the payment status.
