SystemCrypter Ransomware
The SystemCrypter Ransomware is a file-locker Trojan that can encrypt documents and other media throughout your computer and other, accessible devices. Although it's not a member of a prominent family, its symptoms, including pop-up alerts, are similar to those of the Crysis Ransomware. Users should always store backups against any possible Trojan attacks securely and use anti-malware programs when it's appropriate for removing the SystemCrypter Ransomware or identifying infection attempts.
A Trojan with a Little Bloat
An independent, file-locker Trojan's development by a novice threat actor is showing some signs of poor programming that could give its victims cause for celebrating. The SystemCrypter Ransomware, whose warning messages make it resemble a variant of the Dharma Ransomware or the Crysis Ransomware's quickly-growing family, has no relationship to any Ransomware-as-a-Service. However, independence and surprising file size of over seven megabytes don't do anything for helping its encryption quality.
The SystemCrypter Ransomware is a Windows program that targets and blocks media files by using AES encryption in CBC mode, which isn't uncommon for Trojans of its classification. Although the Trojan is in development and malware experts can't confirm live attacks, the encryption portion of its payload, along with its supporting set of features, is functional. Victims should avoid identifying it by the extension, alone, since the SystemCrypter Ransomware shares the 'crypted' tag with other Trojans, including a member of the Globe Imposter Ransomware and the Nemucod Ransomware.
Some of the other features worth taking notice of in the SystemCrypter Ransomware infections include:
- Creating interactive, HTA or advanced HTML pop-up warnings.
- Disabling the Task Manager through the Registry.
- Wiping the Windows Shadow Volume Copies.
- Compromising non-local drives, such as NAS (network-attached storage).
These attacks deliver ransoming demands for Bitcoins, block off recovery solutions, and guarantee that the SystemCrypter Ransomware endangers as many files as possible.
Taking Your System Back from Encryption
For all of its size, the SystemCrypter Ransomware offers less security for its payload than a 'public' Trojan like Hidden Tear or the various Ransomware-as-a-Service families. Users who have possession of the 'key.txt' file that this threat generates have a strong chance of decrypting their data with the help of appropriate cyber-security specialists. Malware experts don't recommend assuming this means of resolution, however; since the SystemCrypter Ransomware shows several signs of incomplete development and may add more security, later.
There is no activity associated with the wallet address that the SystemCrypter Ransomware uses for gathering ransoms, as of late June. Users can help with keeping it that way by backing their work up to drives that have protection from third-party programs accessing their files without additional credentials. Anti-malware protection from security software can provide a secondary point of defense and delete the SystemCrypter Ransomware, as is appropriate.
The SystemCrypter Ransomware is a future threat for Windows users as if they needed any more file-locker Trojans targeting them. Those who take advantage of the warning will have their backups planned out sooner rather than later.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.