Skip to main content

After update, Kaspersky tool no longer combats CryptXXX ransomware

A close up of a woman using a laptop that is displaying Kaspersky software on its screen.
Image used with permission by copyright holder
Ransomware is a growing threat to anyone that uses a computer — even the U.S. House of Representatives has been a recent target. This kind of attack can result in a desperate situation for the victim, and there’s now word that a common strain of the malware has been upgraded to resist countermeasures.

Last month, Kaspersky released a tool intended to help users targeted by the CryptXXX ransomware regain access to their systems without paying a bounty to the culprits. Now, researchers at Proof Point have identified a new version of the malware that can sidestep the company’s RannohDecrypter utility.

RannohDecrypter was originally developed to help users targeted by the Rannoh Trojan, but was later expanded to tackle CryptXXX as well. In response to this, the authors of CryptXXX have made some adjustments to the way their weapon targets systems to extort their owners.

Version 2.006 of CryptXXX locks down the targeted system completely, which was initially interpreted by Proof Point as a “quick and dirty” means of preventing the use of RannohDecrypter. However, there’s another more sophisticated strategy at play that removes Kaspersky’s tool from the equation.

CryptXXX now causes an error message to read, “encrypted file size does not equal to original” when the user attempts to employ RannohDecrypter. It’s thought that the malware is using the zlib data compression library as a means of counteracting the utility.

This development illustrates the cat-and-mouse game of modern security research. Research teams and malware developers are continually trying to stay one step ahead of the competition, which often boils down to studying the last move made by their opponent.

The advice on how to stay safe remains the same; keep your security software up to date, and avoid clicking any suspicious links, or opening unsolicited email attachments.

Editors' Recommendations

Brad Jones
Former Digital Trends Contributor
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
The next big Windows 11 update has a new hardware requirement
Windows 11 device sitting on a stool.

Microsoft’s upcoming Windows 11 24H2 update is expected to arrive with yet another hardware requirement. Centered around SSE4.2 or Streaming SIMD Extensions 4.2, a crucial component for modern processors, the new Windows 11 24H2 with build 26080 will only boot on CPUs that support the instruction set.

This information comes from Bob Pony on X (previously known as Twitter), following earlier reports in February where he claimed that CPUs lacking support for the POPCNT instruction were no longer compatible with Windows 11. The updated requirement is essentially the same, except that they now mandate the entire SSE 4.2 instruction set instead of just the POPCNT instruction within it, as was previously required.

Read more
How to choose the best RAM for your PC in 2024
RAM inside the Starforge Navigator.

If you want to choose the best RAM for your PC, you'll be faced with a lot of terms that may not sound familiar at a glance. DDR? DIMM? CAS? XMP? When you just want something that goes well with the rest of your PC, having to pull out a dictionary before you shop can be pretty daunting.

Fortunately, picking RAM is fairly straightforward once you understand what you're looking for and what it means. In our RAM buying guide, we'll walk you through the process so that you can be happy with your choice.
Understanding RAM
The thing about RAM is that you don't need to fully get what each and every spec is responsible for -- not unless you want to. If you're building a barebones office PC, even sub-optimal RAM will make it run; the problem is that it won't run nearly as well as it could.

Read more
This HP laptop is discounted from $519 to $279
HP 14 laptop with intel Celeron on desk.

There are laptop deals for top-of-the-line machines, but if you only need a basic device for your day-to-day needs, don't spend more than you should by taking advantage of Walmart's offer for the HP 14-inch Laptop. Instead of $519, you'll only have to pay $279 for savings of $240. That's an extremely affordable price for a brand new laptop, but we don't think it will last long. To make sure that you don't miss out on the discount, it's highly recommended that you proceed with the transaction as soon as possible.

Why you should buy the HP 14-inch Laptop
The HP 14-inch Laptop will never be able to match up to the speed of the best laptops, which is expected because of its price. However, if you're thinking about using the device for simple tasks like browsing the internet, watching streaming shows, and typing documents, then its 13th-generation Intel Core i3-N305 processor, integrated Intel UHD Graphics, and 8GB of RAM will be enough. The laptop also ships with Windows 11 Home pre-installed in its 256GB SSD, for an operating system that will be familiar for most people.

Read more