AlphaBetaCrypt Ransomware

Posted: January 27, 2020

AlphaBetaCrypt Ransomware Description

The AlphaBetaCrypt Ransomware is a file-locking Trojan that encrypts the media files on your computer so that they will not open. Further attacks include changes to filenames' extensions and ransom messages appearing, which borrow most of their text from the separate Scarab Ransomware family. Users should always have a backup stored safely for recovering any valuable work and let anti-malware solutions manage the removal of AlphaBetaCrypt Ransomware or intercepting installation attempts.

Just the ABCs of Ransoming Files for Bitcoins

Attacks by a file-locker Trojan that's not a part of the usual families are holding since the last month of 2019 and into the following year. Unusual quirks of the AlphaBetaCrypt Ransomware include an exception means of encryption, which accompanies mostly-vanilla symptoms and features, otherwise. The Trojan is a threat that's relevant to most Windows users, as it bases its extortion off of sabotaging standard formats like Excel spreadsheets, JPG pictures and PDF documents.

Like a majority of file-locking Trojans, including the Scarab Ransomware (whose Ransomware-as-a-Service this Trojan somewhat resembles) the AlphaBetaCrypt Ransomware blocks the user's media through encrypting the file data. It does so, however, with three algorithms – AES, RSA, and Salsa20, –, rather than the usual one or two. Unfortunately, this routine is secure against casual decryption or 'unlocking' via a third-party service, as malware experts can confirm regrettably.

The AlphaBetaCrypt Ransomware also changes extensions on these files to 'CRYPT' in all uppercase, like the far older Gomasom Ransomware. Additionally confusing its identity is the Scarab Ransomware note that it generates, but with different ID formatting and e-mails. Although the threat actor is basing his campaign off of Bitcoin payments, no prices or associated Web infrastructure, such as a TOR website, are making themselves apparent, at this article's date of writing. Nevertheless, users without backups have no other, clear solutions for recovering their blocked media.

Outsmarting an Alpha Predator of Digital Possessions

The AlphaBetaCrypt Ransomware is a Windows-based program and is being mistaken for a variant of the Razy Ransomware or the Crypren Ransomware by various security solutions and researchers. While the case of mistaken identity may lead users to an incompatible decryptor that will not recover their files, it doesn't prevent security services from flagging and quarantining the threat or blocking an installation exploit. Exploits related to file-locker Trojans often include social engineering tactics, such as fake e-mail attachments, torrents or software update pop-ups.

Besides avoiding dangers like downloading files recklessly, users also can protect themselves by turning off their browser's JavaScript and Flash. Installing security patches will further harden a system's defenses against automated intrusion attempts by Black Hat utilities. Lastly, a strong password will block brute-force attacks that are common against less well-protected servers and networks.

A backup is, however, a critical component of recovery from infection. Anti-malware software of all brands, while generally adept at removing the AlphaBetaCrypt Ransomware and threats like it, will not unlock any files or facilitate data recovery directly.

The AlphaBetaCrypt Ransomware's campaign is rotating through e-mail addresses over the months of its operations. While such behavior is, possibly, coincidental, it also might be an omen of a new family in the making – meaning that all users have one more, long-term opponent setting itself against their files.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to AlphaBetaCrypt Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware AlphaBetaCrypt Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.