CryptXXX ransomware providing keys free! Or is it a bug?

What might sound as unbelievable to most, CryptXXX ransomware is distributing decryption keys for free, without taking any money from the victims. In case you were one of the victims foxed by CryptXXX ransomware and have your data locked, you may get the unlocking key free from the payment sites of the ransomware.

This news came into reckoning yesterday, when victims visiting the Tor-based payment sites of CryptXXX ransomware, accidentally discovered that after logging in with their IDs, instead of receiving instructions on how to make the payment they were instead given the decryption keys for free.

CryptXXX ransomware

As of now, CryptXXX ransomware is providing free keys only for certain variants of CryptXXX, namely those that add the .Crypz and .Cryp1 extensions to the encrypted files.

Why CryptXXX ransomware is leaking keys as free

Currently, there is no reliable explanation of why CryptXXX ransomware is providing keys as free. It would be unwise to think that CryptXXX developers are suddenly showing mercy on victims. A logical reason could be the existence of a bug within the CryptXXX ransomware server which is leaking keys to the users.

Bleeping Computer says,

“It could be that the developers are throwing a bone to their victims, but my guess is that it is a malfunction on their payment server that is causing this. The devs have been known in the past to provide buggy code and decryptable variants, so another error like this would not be hard to imagine”.

Victims looking to find the decryption key must note that keys provided by CryptXXX ransomware are specific for an individual victim and not a master. Hence the same key cannot be used by multiple users.

Lawrence lists the all known variants of the CryptXXX ransomware as given below.

Keys being offered for Free

  1. .Crypz Extension (UltraDecryptor)
  2. .Cryp1 Extension (UltraDecryptor)

Does not provide a Free Key

  1. .Crypt Extension (UltraDeCrypter)
  2. .Crypt Extension (Google Decryptor)
  3. Random Extension (UltraDecryptor)
  4. No extension (Microsoft Decryptor)

For more information, go here.

Stay safe, protect yourself against ransomware attacks.

Posted by with Tags
Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.

Leave a Reply

Your email address will not be published. Required fields are marked *

1 + 2 =