
Kraken Cryptor 2.0.5 Ransomware

Posted: October 23, 2018

The Kraken Cryptor 1.5 Ransomware is an update of the Kraken Cryptor Ransomware, a file-locking Trojan that encrypts the majority of the files on your PC before delivering its ransoming demands. This version of the Trojan modifies the ransoming message's format and is otherwise similar to the first build. Keep your files backed up to appropriately secure locations to reduce their vulnerability to encryption-based attacks, and use a trusted brand of anti-malware software to remove the Kraken Cryptor 1.5 Ransomware from any infected computers.

The Kraken Rises Back Up from the Waves

A particularly sophisticated file-locker Trojan from August, the Kraken Cryptor Ransomware, is continuing to receive development from its author, who is changing the ransoming demands and even offering some benefits to victims in particular countries. The Kraken Cryptor 1.5 Ransomware's campaign is targeting users outside of Iran and various Commonwealth nations, although the actual encryption feature doesn't necessarily eliminate the possibility of those regions also being at risk. Malware experts also conclude that its notably complicated encryption standard remains just as threatening to digital media as previously.

The Kraken Cryptor 1.5 Ransomware uses more layers of encryption for locking files than most threats of its category and supports RSA, AES, RC4 and other algorithms. Also, unlike many file-locker Trojans, it encrypts most of the contents of the infected PC's drives, although it does omit a few locations, such as the Windows operating system's folder. The previous disguise of being a 'Windows Authorization Service' is still part of the Trojan's credentials.

Although the old release used a Notepad-format ransom note, the Kraken Cryptor 1.5 Ransomware updates this warning to a well-formatted HTML file or local Web page. The Bitcoin ransom is also cheaper than previously, although, at over seven hundred dollars equivalent, it remains expensive. Some of the formatting choices that malware experts note in the instructions imply that non-American victims are the intended readers, with English speakers being most at risk.

A Sea Creature's Attack with Discrimination for Some Countries

One of the most novel aspects of the Kraken Cryptor 1.5 Ransomware's ransoming instructions is the offer to give free decryption help to anyone residing in various British Commonwealth nations or the Republic of Iran. Whether this choice is a political message or an attempt to keep legal authorities from showing too much interest in the campaign's author is not yet knowable. While users can safely make use of free decryption opportunities, not all file-locker Trojans offer such possibilities, and backups should always be emphasized as mandatory for defending against these campaigns. Malware experts also encourage the following defenses:

  • Examine any e-mail attachments for potential dangers, such as suspicious Word macros or PDF vulnerabilities. Spam e-mail campaigns may be disguising the Kraken Cryptor 1.5 Ransomware's installer as a workplace message or a finance-themed document.
  • Disable RDP features when they're not in active use by authorized parties, and use login combinations that aren't vulnerable to brute-force attacks, which can easily break factory-default and short passwords.

There is no public decryption service for the Kraken Cryptor 1.5 Ransomware, which uses an advanced encryption routine without any known vulnerabilities. However, your anti-malware products should terminate the Kraken Cryptor 1.5 Ransomware before its attacks can begin, assuming that they're enabled.

The reasoning behind the Kraken Cryptor 1.5 Ransomware's selection of victims may be relevant to tracking its future activities, or it may turn out to be an incredibly negligible footnote. Since it isn't filtering its attacks according to IP addresses or other system statistics, banking on geographical immunity to its attacks isn't a good idea for anyone.
