CATEGORIES
home News

Beware Of Nasty zCrypt Ransomware Taking Vulnerable Windows PCs Hostage

by Paul LillyTuesday, May 31, 2016, 10:50 AM EDT
zCrypt Ransomware

Ransomware is not only a real thing, it's a real pain in the tuchus. I point this out because I recently had a conversation with someone who, up until a recent ransomware breakout at her place of employment, thought it was a made up concept that only happens on TV. To the contrary, ransomware is a growing threat, and a new strain called zCrypt has caught the attention of Microsoft.

"We are alerting Windows users of a new type of ransomware that exhibits worm-like behavior. This ransom leverages removable and network drives to propagate itself and affect more users. We detect this ransomware as Ransom:Win32/ZCryptor.A," Microsoft stated in its Threat Research & Response blog.

Credit for bringing attention to the new strain goes to a security researcher named Jack. On his blog MalwareForMe, Jack explains that zCrypt uses a command and control server to check-in infected bots and also to pass the encryption key from the server to the infected machine. It also uses a bit of trickery to distract the user while it works in the background.

zCrypt Pop-up

"When executed, the malware creates a pop-up that appears to be benign-- likely to confuse a user while the malware talks to the command and control server and begins the encryption routine. The pop-up will continue to appear while the malware is running," Jack explains.

There are two primary ways zCrypt spreads. One is through fake installers such as a Flash Player setup, and the other is through email spam. In other words, it's easily avoidable with a little PC savvy, unfortunately there are many people out there that still click on suspicious links, be it in email or through their daily travels on the web.

Those affected by the ransomware will receive a note in a dropped HTML file. The note explains what happen, the ransom payment being demanded (typically 1.2 Bitcoins, or $500), and how long they have to comply before the encryption key is lost forever.

Ransomware itself isn't new, but according to the FBI, law enforcement saw an increase in ransomware attacks in 2015, particularly against organizations due to the potential for big paydays.

"If the first three months of this year are any indication, the number of ransomware incidents—and the ensuing damage they cause—will grow even more in 2016 if individuals and organizations don’t prepare for these attacks in advance," the FBI warned in late April of this year.
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment