CryPy ransomware found by Avast analyst.

cryptoransomware-encryption-300x205Jakub Kroustek, Avast analyst disclosed a new ransomware variant written in Python. The ransonware named CryPy encrypts every file with a unique key. Kapersky researchers have also found that CryPy uses a vulnerable web server based in Isarel as its command and control center.

But security professionals are of the view that encrypting each file is a disadvantage to the malware’s performance and also noting that the C&C method used is very simple. The malware’s operation could be terminated by blocking the source IP address.

Despite it’s flaws, the sophisticated encryption used is difficult to decrypt and potentially will defeat common anti-ransomware softwares.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s