Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Webroot Discovers Fresh AlphaCrypt Ransomware

Webroot the security company says its security researchers have spotted one fresh ransomware known as AlphaCrypt in the wild. The malware resembles TeslaCrypt in appearance, however, works like Cryptowall 3.0.

Also it has been found that both AlphaCrypt and TeslaCrypt encrypt files upon setting infection on Windows computers with operating systems Windows Vista, Windows XP, Windows 8 or Windows 7. While it was in February end 2015 that TeslaCrypt made its debut, in April end 2015, it was AlphaCrypt's turn.

Similar to TeslaCrypt, the online site of AlphaCrypt offers a single file's decryption free of cost along with one support page to interact with the ransomware's owners.

Notably, AlphaCrypt has certain improvements over the look-alike TeslaCrypt such as erasing VSS for ensuring the victim isn't saved via the means of his shadow volume. There is also an assurance that the process is run silently, implying the victim will be shown no messages.

The infections by AlphaCrypt or TeslaCrypt leads to a computer scan of the victim's data-files followed with encryption of all those files utilizing AES encryption to lock the files firmly and never to be easily opened. This is followed with a list of instructions in an application regarding the way the locked files can be retrieved. The instructions include one web-link taking onto one Decryption Service page that tells the ransom sum, total files encrypted, as well as directions for the payment process. At nearly USD500, the first price of ransom begins that should be paid through Bitcoins. And there is a distinct bitcoin address for every victim to submit his payment to.

There are other characteristics as well of AlphaCrypt variant, according to security researchers at Webroot viz., it has an extremely high volatility as it creates more and more windows processes commonly used with an intense likeness of the way Cryptowall 3.0 runs. Help Net Security reported this dated May 5, 2015.

Security Researcher Brad Duncan with Rackspace a cloud computing firm too examined the malicious program to find that its present delivery is through the Angler attack toolkit. Help Net Security reported this, May 5, 2015.

ยป SPAMfighter News - 5/13/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page