CryptoCat is the catchy name of a dangerous ransomware virus. The virus infects computers, encrypts all their important files and demands payment for their decryption. CryptoCat claims that it uses the RSA-2048 encryption. All encrypted files have the “.cryptocat” extension.
More Information About the CryptoCat Ransomware Virus
CryptoCat Ransomware Virus – Technical Details
The CryptoCat ransomware virus is made for one specific purpose – to extort money out of its victims. The crooks that developed the virus promise that they’ll decrypt all files that were locked if they get paid. The price rate of decryption is 1.6 BitCoin, about $850 or €800.
Once the virus infects the system, it starts looking for particular file types to encrypt. Ransomware target video files, photos, music, documents. You’ll know that your files were encrypted by CryptoCat if they have the “.cryptocat” extension at the end of their name.
CryptoCat also drops a ransomware note on the infected computer in the forms of a .txt files named “Your files are locked !.txt”
The Note Contains The Following Text :
Your files are locked !.txt – BROKHOT
(Darin Elpasto cDopmaT Boa Cnpaska
Support e-mail: [email protected] [email protected]
Your personal files encryption produced on this computer: photos, videos, documents, etc. Encryption was produced using a unique public key RSA-2048 generated for this computer.
To decrypt files you need to obtain the private key.
The single copy of the private key, which will allow to decrypt the files, located on a secret server on the Internet; the server will destroy the key after 168 hours.
After that nobody and never will be able to restore files.
To obtain the private key for this computer, you need pay 1.45 Bitcoin (-611 USD)
Your Bitcoin address:I 1DoW7ifYKAsGvBzCQR5nvdgt3qcc7M15Do You must send 1.45 Bitcoin to the specified address and report it to e-mail customer support.
In the letter must specify your Bitcoin address to which the payment was made.
Here’s a Picture of the Note:
CryptoCat Ransomware Virus – Conclusion
This particular ransomware virus isn’t as dangerous as say Cerber3 or Locky, but it still poses a serious threat to the users who contracted it. If you’re among them, be sure to remove it using an anti-malware tool. As of now, there’s no decryptor tool released.