image credit: unsplash
Our experts have discovered an attack of a new Trojan, which they’ve dubbed CryWiper. At the first glance, this malware looks like ransomware: it modifies files, adds a .CRY extension to them (unique to CryWiper), and saves a README.txt file with a ransom note, which contains the bitcoin wallet address, the contact e-mail address of the malware creators, and the infection ID. However, in fact, this malware is a wiper: a file modified by CryWiper cannot be restored to its original state — ever. So if you see a ransom note and your files have a new .CRY extension, don’t hurry to pay the ransom: it’s pointless.
Comments are closed.
