Blog by Tyler Moffitt, Webroot Threat Researcher
In mylast blog postabout a week ago, Italked about how Cryptolocker and the like are not dead and wewillcontinue to see more of them in action. It’s a successful “business model” and I don’t see it going away anytime soon. Not even a few days after mypost a new encrypting ransomware emerged. This one even targets Russians!
Presenting Critroni
This newest edition of encrypting ransomware uses the sametactics of contemporary variants including: paying through anonymous tor, using Bitcoin as the currency, changing the background, dropping instructions in common directories onhow to pay the scam. Some upgradesthat are new to the encrypting ransomware scene are loggingthe entire directory list of files that were encrypted and then storing them in your documents folderfor your conveniencecome...