
DynA-Crypt Ransomware

Posted: February 9, 2017

Threat Metric

Threat Level: 10/10
Infected PCs: 47
First Seen: February 9, 2017
OS(es) Affected: Windows

The DynA-Crypt Ransomware is a backdoor Trojan that can also encrypt your files to lock them and pressure you into paying ransom money. Although its attacks produce highly visible symptoms, the consequences of waiting to see them can include potentially permanent file loss or a remote attacker's access to your computer. Use anti-malware products as necessary to remove the DynA-Crypt Ransomware before it can compromise your PC, and use backup strategies to reduce the chances of any data loss.

New Ransoming Trojans Exploding onto the Scene

Of the many motivations and resources responsible for creating new variants of threatening software, one of the most popular among con artists is the threat toolkit, which is usually designed to produce minimally diverse Trojans with a specialized subset of attacks in mind. These Trojans can include spyware, backdoor-based threats, threatening file encryptors, or, like the DynA-Crypt Ransomware, a program that accomplishes two or more of the above. With this Trojan and little coding experience, remote attackers can gain control over your computer and hold its contents for ransom simultaneously.

The DynA-Crypt Ransomware is a creation of the Dynamite kit and, similarly to the PowerLocky Ransomware, exploits Windows PowerShell to carry out part of its payload. Some of the attacks from its payload that malware researchers rate as being particularly hostile include:

  • The DynA-Crypt Ransomware will enumerate your hard drives while it searches for files such as documents or images. Content that matches its list of targets will undergo an encryption routine that enciphers the file's internal data and makes it unreadable. It deletes any Shadow Copies to stop you from using Windows' default recovery options.
  • The Trojan also generates a Bitcoin-ransoming demand via a pop-up window, with an exceptionally strict time limit: every five minutes, the Trojan deletes randomly-selected encrypted files.
  • The DynA-Crypt Ransomware can terminate a variety of applications automatically, including the gaming service Steam, your Web browser, some instant messengers and several Windows system utilities.
  • A backdoor connection to a remote C&C server also could let con artists take other actions affecting your PC's security, such as removing software, adding new threats or changing settings.
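The Shadow Copy deletion in the list above is one of the easier behaviors to catch in process-creation telemetry. The following is an added detection example, not code from this page or from the malware: the command-line patterns are generic ones commonly used to remove Shadow Copies (the page does not say which method DynA-Crypt uses), and the event field names and sample events are constructed.

```python
import re

# Generic command-line shapes used to delete Volume Shadow Copies.
# Assumption: the page does not state which of these DynA-Crypt issues.
PATTERNS = {
    "vssadmin delete shadows": re.compile(
        r"\bvssadmin(\.exe)?\b.*\bdelete\s+shadows\b"),
    "wmic shadowcopy delete": re.compile(
        r"\bwmic(\.exe)?\b.*\bshadowcopy\b.*\bdelete\b"),
    "powershell Win32_ShadowCopy removal": re.compile(
        r"\b(powershell|pwsh)(\.exe)?\b.*win32_shadowcopy.*"
        r"(\.delete\(|remove-wmiobject|remove-ciminstance)"),
}

def normalize(cmdline):
    """Lower-case and undo cheap cmd.exe obfuscation (carets, quotes, spacing)."""
    cleaned = cmdline.lower().replace("^", "").replace('"', "")
    return re.sub(r"\s+", " ", cleaned).strip()

def find_shadow_copy_deletion(events):
    """Return (host, time, rule) for each process-creation event that matches."""
    hits = []
    for ev in events:
        cmd = normalize(ev.get("command_line", ""))
        for rule, rx in PATTERNS.items():
            if rx.search(cmd):
                hits.append((ev["host"], ev["time"], rule))
                break  # one alert per event is enough
    return hits

# Constructed sample events; field names are hypothetical, not a real log schema.
SAMPLE_EVENTS = [
    {"host": "WS-01", "time": "2017-02-09T10:00:03Z",
     "command_line": r'"C:\Windows\System32\vssadmin.exe" Delete Shadows /All /Quiet'},
    {"host": "WS-02", "time": "2017-02-09T10:02:11Z",
     "command_line": "cmd.exe /c vssa^dmin   delete sha^dows /all"},
    {"host": "WS-03", "time": "2017-02-09T10:05:40Z",
     "command_line": "vssadmin.exe list shadows"},          # benign inventory
    {"host": "WS-04", "time": "2017-02-09T10:07:19Z",
     "command_line": 'powershell.exe -Command "Get-WmiObject Win32_ShadowCopy'
                     ' | ForEach-Object { $_.Delete() }"'},
    {"host": "WS-05", "time": "2017-02-09T10:09:02Z",
     "command_line": "wmic.exe shadowcopy list brief"},     # benign inventory
]

if __name__ == "__main__":
    for host, when, rule in find_shadow_copy_deletion(SAMPLE_EVENTS):
        print(f"{when} {host}: shadow copy deletion ({rule})")
```

An alert from logic like this is worth treating as high priority, since Shadow Copy deletion typically precedes or accompanies file encryption.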

Containing the Damage that One Stick of Dynamite Causes

As a persistent threat, the DynA-Crypt Ransomware will continue endangering your PC until you take any of several steps to terminate it, such as using Safe Mode or an alternative boot-up method that ignores its auto-launching exploits. Although malware researchers recommend storing backups of any files of value habitually, PC users without such foresight may have no other options besides risking the ransom until new developments occur. Victims with time also can consider contacting receptive cyber security researchers for their help with creating a free decryption tool.

As long as the DynA-Crypt Ransomware has access to your PC, all data on it should be assumed to be at risk. Installation exploits that other people may use for dropping the same types of threats include e-mail attachments, illicit download networks, website vulnerabilities and brute-force password cracking. Many of these attacks are entirely preventable with anti-malware protection that can spot the DynA-Crypt Ransomware on sight, while others are mitigated by using the proper software settings and avoiding risky Web behavior.

Since the DynA-Crypt Ransomware may be just one of a series of Trojans to spawn from the Dynamite threat-creating kit, PC users should continue backing up their files regularly to protect themselves from the hazard of non-consensual encryption. While signs are promising that decryption solutions may be available for future attacks, the DynA-Crypt Ransomware is one of the numerous threats that only need small changes to make a temporary file-lock into a permanent one.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



File name: 638333b0fcbc8258cfc89204ada035d8
Size: 1.7 MB (1706496 bytes)
MD5: 638333b0fcbc8258cfc89204ada035d8
Detection count: 64
Group: Malware file
Last Updated: February 10, 2017