Bitcoin Ransomware Education – CrypAura

kingdice"

The number of different types of Bitcoin ransomware is scaringly high when taking into consideration how many of them are out there. CrypAura is often overlooked as a malware threat, simply because it had very little to no success in general. Scare tactics do not work quite well in the world of ransomware, which is more of a blessing than a curse in this case.

Also read: Bitcoin Ransomware Education – CryptoFortress

CrypAura Introduces Scare Tactics To Bitcoin Ransomware

TheMerkle_Ransomware Education CrypAura

It is not all that difficult to spot an email coming from hackers trying to infect your computer with CrypAura, as the email address, they send it from has the term “antivirusebola” in it. Not a regular domain name by any means and especially not something people would associate with an impending ransomware attack.

For those who do open this email and download the attachment, will be greeted with a CrypAura infection message shortly afterwards. Infected files are made inaccessible, as new file extension are created that could only be unlocked by entering the decryption key, which had to be paid for in Bitcoin.

However, payment instructions for the decryption process could only be obtained via email, which puts an entirely new spin on the whole Bitcoin ransomware ecosystem. Up until this point, users had to either visit a page on the Tor protocol or have the payment information embedded within the malware executable itself.

But there is another significant difference between CrypAura and previous iterations of Bitcoin ransomware. The number of file extensions put in harm’s way rose from 39 to 102, which is quite a significant increase. Most of these files types act as backup files for multiple different applications. making it even harder to bypass the ransom CrypAura wants users to pay.

Last but not least, CrypAura changes the wallpaper of the infected computer with clear instructions on who to get in contact with regarding the removal of this ransomware. According to the latest information, the Bitcoin ransom was set at US$500 per infected computer, which is relatively high.

Source: Trendmicro

Images credit 1,2

If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.