Encrypt Ransomware Joins the VoidCrypt Family


A ransomware attack is a type of malware, which infects your computer and encrypts the files on it. The attacker usually demands payment in order to decrypt the data. So it's not about destroying your files but about keeping them hostage, demanding ransom from you in return to get them back.

In other words, a ransomware attack is a criminal activity where the victim's data is held hostage by an attacker until a ransom is paid. The only way to restore your files is by paying the ransom. This is why we in the security industry call it 'ransomware.'

One of the infamous ransomware families is called VoidCrypt and, recently, it has been associated with a new file-locker variant - the Encrptd Ransomware. Victims of this threat will notice the following changes to their files:

  • Their images, documents, archives, and other data is inaccessible.
  • The majority of their files have their names marked with the suffix '.(<VICTIM ID>)(Encrpt@criptext.com).encrpt.'
  • The ransom notes Decryption-Guide.HTA and Decryption-Guide.TXT are available on the desktop.

Just like other ransomware attacks, this one also aims to steal money from victims. The Encrypt Ransomware creators offer to sell a decryptor to anyone who pays an unspecified ransom fee. They provide the contact email encrpt@criptext.com and urge their victims to contact them for assistance. You should not accept the Encrptd Ransomware offer - the criminals could easily scam you. Instead, use an antivirus tool to eliminate the threat. Then, explore alternative data recovery options.

February 7, 2022