2016 continues to unpleasantly surprise with appearance of new very dangerous viruses. Thus, at the end of May, cyber security experts have discovered a new Trojan-cryptographer Crypren (Trojan.Crypren.Win32, according to classification of experts from Zillya! Antivirus lab), which has an unusual feature – self-propagation.
Trojan copies itself to all connected portable memory devices, including memory cards and flash drives, which become carriers of Crypren and dangerous to other PCs when connected to them. That is why you shouldn’t pass your friends or acquaintances memory storage devices that have been used on an infected PC.
Ways of infection
Infection with “virus” comes through the mail, or downloading fake installation files of known programs, such as Flash Player.
Postal path often uses MS Word documents, at the opening of which, the user's PC gets infected with malicious software. Infection through the installation files occurs when you run the installer with the “incorporated” Trojan in it.
As a result, Crypren encrypts all the files found on your PC. Opportunities of Trojan evolve tremendously. So, two weeks ago, it encrypted around 80 kinds of files. Today – already more than 120, including zip, xlsx, jpeg, mpeg and others. The screen of the infected PC displays the blocking picture-inscription with the demand of ransom.
Fraudsters require around 500 US dollars for the decoding data back, but in Bitcoins (1.2 Bt). If the user waits a few days, the price rises to 5 Bitcoins (2.2 thousand US dollars).
In order to avoid becoming a victim of Crypren, experts of Zillya! Antivirus lab say that it is enough to strictly stick to a few basic safety rules:
1. Do not open emails from unknown recipients with attached files or text documents.
2. If you have opened such letter, do not open the attached files.
3. Delete such letter.
4. Do not use the installation files of known programs from third-party sources.
6. Use Antivirus both on a PC and on a mobile device.
7. Make regular copies of important information.