Proofpoint researchers have detected a new version of the CryptXXX ransomware that introduces several updates and improvements, all of which increase the risks associated with this threat. In fact, with the introduction of network scanning via SMB, shared network resources are now far more vulnerable to encryption by a CryptXXX-infected PC.
CryptXXX is evolving fast – the developers behind it are already at Version 3.100, detected less than 6 weeks after Proofpoint researchers first identified the ransomware. The latest iteration not only bypasses the currently available decryption tool from but also 1) Uses SMB to scan for available network resources and begin encrypting them, 2) Installs the StillerX information stealing DLL (this isn’t new but is the first time it has been analyzed in detail), 3) Includes a new payment portal, and 4) Changes the extension of encrypted files from previous versions.
Comments from Kevin Epstein, Vice President, Threat Operations Center:
“CryptXXX is evolving rapidly, likely driven by the financial benefits attackers reap from distributing ransomware at scale. Cybercrime is a business, and the lower-cost, higher-return nature of ransomware offers significant incentives for threat actors’ continuing investment in that form of malware.”
“By including robust credential-stealing capabilities in the malware package, the actors behind CryptXXX are able to monetize their attack beyond basic ransom payments. It adds further injury to insult, like having your wallet and ID stolen by your kidnappers.”
Please visit Proofpoint’s Threat Insight blog for the full research: https://www.