Home Malware Programs Ransomware CryptConsole Ransomware

CryptConsole Ransomware

Posted: January 27, 2017

Threat Metric

Ranking: 6,856
Threat Level: 1/10
Infected PCs: 408
First Seen: January 27, 2017
Last Seen: August 28, 2021
OS(es) Affected: Windows

The CryptConsole Ransomware is a Trojan that pretends to encrypt your files, but, in reality, limits itself to modifying their names. For sufficiently large volumes of content where manual renaming is impractical, malware experts recommend using free data recovery solutions, such as backups. You also may use anti-malware products to delete the CryptConsole Ransomware at its installation point such as an e-mail attachment.

A Ransom Attempt that Gives Up at the Halfway Mark

The many branches of the Globe Ransomware's family are starting to experience ironic competition in the form of copycats and clones, primarily, Trojans borrowing the ransom message of that Trojan and nothing else. Despite exhibiting symptoms just like real file-encrypting Trojans, these imitations can't duplicate all of their attacks necessarily. To display one egregious failure in attempted extortion, malware experts are isolating the CryptConsole Ransomware.

The CryptConsole Ransomware seems to be targeting the same, vulnerable business servers that more high-end threats than itself are profiting from compromising. The initial infection may trigger through a file that the threat actor attaches to his disguised e-mail spam. When it launches, the CryptConsole Ransomware begins an attack that resembles the file-encrypting features of threats like the Jigsaw Ransomware externally. However, malware experts can confirm that only filenames are subjected to the CryptConsole Ransomware's enciphering, with the underlying, essential data remaining unchanged.

Once the fake encryption finishes, the CryptConsole Ransomware creates an HTA ransom message almost identical to the ones circulating within the Globe Ransomware family. The threat actor asks for Bitcoin payments for 'decrypting' your files, which keeps the victim from canceling the cash transfer afterward. The same note also includes what malware experts can verify as being false information, such as warnings against attempting alternate data recovery methods or using anti-virus software.

The Easiest Decryption You'll Ever See

Other than obscuring the identity of your individual files, the CryptConsole Ransomware does no serious damage to any of the files that it supposedly locks. Victims can open their files on a one-by-one basis and rename them, as appropriate. However, since the CryptConsole Ransomware targets a large range of commonly-used formats, malware experts also might encourage restoring from a backup or using the free filename decryptors that third-party anti-malware organizations are hosting. However, you should be careful to use only decryptors specific to the CryptConsole Ransomware; other programs that try to decrypt more than just the name will cause file damage.

Although the CryptConsole Ransomware is a low-level threat apparently created from free resources put together haphazardly, updates to the Trojan could make it a more significant danger to your data. Users of servers storing high quantities of files also may experience non-trivial inconvenience from the Trojan's renaming all content into illegibility. Use anti-malware programs to guard against these attacks and remove the CryptConsole Ransomware beforehand.

Not every con artist is talented enough to create a high-end, threatening program worthy of compromising a valuable business database. Even so, clones of old Trojans, like the CryptConsole Ransomware imitating Globe Ransomware, remain adept at confusing their victims into paying something for nothing.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to CryptConsole Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Related Posts