Jakub Kroustek, Avast analyst disclosed a new ransomware variant written in Python. The ransonware named CryPy encrypts every file with a unique key. Kapersky researchers have also found that CryPy uses a vulnerable web server based in Isarel as its command and control center.
But security professionals are of the view that encrypting each file is a disadvantage to the malware’s performance and also noting that the C&C method used is very simple. The malware’s operation could be terminated by blocking the source IP address.
Despite it’s flaws, the sophisticated encryption used is difficult to decrypt and potentially will defeat common anti-ransomware softwares.