

TechAmok (ggmania.com subsite)

CryPy ransomware encrypts your files with a unique key for each one - [security]
04:50 AM EDT - Oct,15 2016 - post a comment

A new ransomware variant written in Python is currently out in the wild, and it seems to be stepping up its game against other crypto-malware out there. Dubbed 'CryPy', a combination of the words 'crypt' and 'Python' (its programming language), it stands out from the crowd by assigning a unique key to each file that it encrypts on a victim's system, which makes decryption a lot harder.

The malware was discovered in connection with a security flaw in Magento, a content management system, which allowed the perpetrators to use a PHP shell script on a vulnerable web server in Israel. That server now acts as the Command & Control (C&C) server of the CryPy ransomware. The C&C server isn't used only for ransomware attacks; it is also used to conduct phishing attacks, which are usually fake PayPal messages. The malware developers are believed to be Hebrew-speaking.

CryPy is composed of two files, namely 'boot_common.py' and 'encryptor.py'. The former is responsible for error-logging on the Windows platform, while the latter is the encryptor itself. Once a system has been infected, the ransomware disables Registry Tools, Task Manager, CMD, and Run, which are the usual features used to control and terminate malware. Soon after, it starts encrypting files. Typical ransomware encrypts all the files on a system and then assigns that system a unique key, so that when the developers demand money from victims, they can track the infected system. CryPy, however, makes things a lot more difficult for its prey by assigning a unique key to each file that it encrypts.

"All your files are encrypted with strong chiphers [sic]. Decrypting of your files is only possible with the decryption program, which is on our secret server. Note that every 6 hours, a random file is permanently deleted. The faster you are, the less files you will lose. Also, in 96 hours, the key will be permanently deleted and there will be no way of recovering your files. To receive your decryption program contact one of the emails: 1. m4n14k@sigaint[.]org 2. blackone@sigaint[.]org. Just inform your identification ID and we will give you next instruction. Your personal identification ID:"

According to Kaspersky, the ransomware seems to be only in its early stages of development: it fails to encrypt files because the threat actor has recently moved to a new server and the change has not yet been reflected in the malware itself. Furthermore, it makes no mention of any proof of decryption, or of any alternative method should the payment process fail.
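
The lockout step described above (Registry Tools, Task Manager, CMD and Run being disabled before encryption starts) gives defenders an early signal. The following detection sketch is an added example, not code from the article or from Kaspersky. It assumes the restrictions are applied through the standard Windows policy registry values, which the article does not confirm for CryPy; the event layout, process names, time window and threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# Assumption: these are the standard Windows policy values behind the four
# restrictions; the article does not say how CryPy itself applies them.
POL = r"software\microsoft\windows\currentversion\policies"
LOCKOUT_VALUES = {
    POL + r"\system\disabletaskmgr": "Task Manager",
    POL + r"\system\disableregistrytools": "Registry Tools",
    POL + r"\explorer\norun": "Run",
    r"software\policies\microsoft\windows\system\disablecmd": "CMD",
}
DWORD_RE = re.compile(r"DWORD \(0x([0-9a-fA-F]+)\)")

# Constructed events: (seconds, process image, registry target, value written).
HKU = r"HKU\S-1-5-21-0000\Software"
CV = HKU + r"\Microsoft\Windows\CurrentVersion\Policies"
SAMPLE = r"C:\Users\demo\sample.exe"  # hypothetical untrusted binary
SAMPLE_EVENTS = [
    (10, SAMPLE, CV + r"\System\DisableTaskMgr", "DWORD (0x00000001)"),
    (11, SAMPLE, CV + r"\System\DisableRegistryTools", "DWORD (0x00000001)"),
    (12, SAMPLE, HKU + r"\Policies\Microsoft\Windows\System\DisableCMD", "DWORD (0x00000002)"),
    (13, SAMPLE, CV + r"\Explorer\NoRun", "DWORD (0x00000001)"),
    (500, r"C:\Windows\System32\mmc.exe", CV + r"\Explorer\NoRun", "DWORD (0x00000001)"),
    (900, r"C:\Tools\fixit.exe", CV + r"\System\DisableTaskMgr", "DWORD (0x00000000)"),
    (901, r"C:\Tools\fixit.exe", CV + r"\System\DisableRegistryTools", "DWORD (0x00000000)"),
]

def disabled_feature(target, details):
    """Return the feature a registry write switches off, or None."""
    m = DWORD_RE.search(details)
    if not m or int(m.group(1), 16) == 0:
        return None  # value cleared or not a DWORD: nothing is being disabled
    for suffix, feature in LOCKOUT_VALUES.items():
        if target.lower().endswith("\\" + suffix):
            return feature
    return None

def find_lockouts(events, window=60, threshold=3):
    """Map each process to the features it disabled, if >= threshold within window s."""
    hits = defaultdict(list)
    for when, image, target, details in events:
        feature = disabled_feature(target, details)
        if feature:
            hits[image].append((when, feature))
    alerts = {}
    for image, seen in hits.items():
        for start, _ in sorted(seen):
            feats = {f for t, f in seen if start <= t <= start + window}
            if len(feats) >= threshold:
                alerts[image] = sorted(feats)
                break
    return alerts
```

A single policy change (the constructed `mmc.exe` event) or a tool clearing the values (the constructed `fixit.exe` events) does not alert; only one process disabling several of these features in quick succession does.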

