Cryptomix belongs to a ransomware family that was released about two years ago. Developers of the ransomware have made a few minor tweaks including adding .System extension to the encrypted files.
If you have been a victim of the latest ransomware attack, you should contact a security expert before paying the ransom. Security experts can analyze the ‘decryptor’ and provide counsel on alternative strategies to dealing with the threat.
Here you will know about the changes in the latest Cryptomix variant, and also learn about some safety measures that can help protect your system against the treat.
Changes in Latest Incarnation of Cryptomix Ransomware
The latest variant of Cryptomix ransomware uses the same encryption method and modus operandi to terrorize the victims. But there have been slight changes.
The ransom note of the new version is named _HELP_INSTRUCTION.TXT similar to the old one. However, the emails mentioned in the note to solicit payments from the victims is different. Emails mentioned in the new note include systemwall@keemail.me, systemwall@yandex.com, systemwall1@yandex.com emily.w@dr.com, and systemwall@protonmail.com.
Another notable difference from the prevision version is the encryption that is appended to the encrypted files. This new version adds the extension .SYSTEM to the files after encrypting them.
Apart from these two differences, the latest version is exactly similar to the old version. The ransomware has been updated numerous times since first released in March 2016. Despite the minor differences, the mode of attack remains the same. Victims are required to pay in Bitcoins after contacting the criminals through the provided email.
How to Protect Your System from Cryptomix and Other Ransomwares?
You should take immediate steps to protect your system from the threat posed by ransomware. Make sure that a good security software is installed on the system. Another important tip is to keep backup of the important files. The backup should be updated on a regular basis. It’s best to keep a backup on multiple systems to ensure maximum protection. In this way, you can easily restore the files are encrypted by the ransomware.
Security software that you install in the system should not just have signature detection or heuristic feature, but it should feature advanced behavioral detection system to monitor malicious activities. Examples of good security software include Malwarebytes Anti-Malware and Emsisoft Anti-Malware. Both of these contain advanced behavioral detection feature that can offer maximum protection against ransomware and other malicious codes.
In addition, you should follow good security practices to avoid infecting the system. Here are some precautionary measures that can help protect your system against all types of online threats.
- Never open any attachments in e-mail from unknown sources
- Don’t open attachments of even known sources until confirming that the person has sent the email
- Always scan all attachments using security or anti-virus software
- Install Windows security patches as they are released
- Update all programs including Adobe Reader, Flash, and Java software. Developers regularly scan the software for security vulnerabilities and release updates
- Avoid using the same password for all the sites. Consider using strong passwords with both letters, numbers, and special characters
Keeping the above tips in mind will ensure that your system remains protected. Ransomware exploits lax in securities. By securing your system, you can avoid falling victim to cybercriminals. Simple steps such as installing a security software with advanced behavioral detection feature and keeping backup of important files will go a long way in protecting you from being a victim of an online crime.
