New sophisticated ransomware detected

A newly discovered ransomware called “Critroni” is said to be more sophisticated and powerful than Cryptolocker, according to a recent article, and it uses the Tor network (an anonymous internet network) to decrypt files. As you may have heard in past news, the Cryptolocker ransomware spread over the internet and caused damage by accessing, encrypting, and holding user files for ransom. The user was then instructed to pay a fee to unlock their files, and in some cases the files were not fully recoverable unless the user had a backup. The U.S. Dept. of Justice has since neutralized Cryptolocker by taking control of the servers and the botnet that was in charge of the distribution.

This new ransomware is said to be stealthier and more advanced in design. Critroni uses a different algorithm that is faster, and the files become nearly impossible to decrypt without paying the ransom. Like Cryptolocker, it uses a public and private key, and the user is prompted to pay the ransom in Bitcoin, but Critroni stores the private key on the Tor network, making it tough for law enforcement to locate the servers. In addition, the Critroni file encryption process takes place locally before the malware connects to the server, which makes it challenging for security software to detect it early and attempt to block it.

