CyberSCCP Cryptor Ransomware

Posted by Lisa Blanc on June 27, 2018

What is CyberSCCP Cryptor Ransomware?

CyberSCCP Cryptor Ransomware is an infection that was built to push you into communicating with cyber criminals and paying a ransom for a decryptor that would, allegedly, save your personal files. The infection is most likely to spread using spam emails with a misleading message that is meant to trick you into opening a corrupted file attachment or link. Note that both messages and the email addresses via which they are sent can be extremely misguiding, and you need to be careful. For example, if it appears that you have been sent a legitimate message from a postal service, you need to think if you are expecting a package. If you are not careful enough, you could execute the infection without even realizing it. Once executed, it can perform in a malicious way, and it was found that it can indeed encrypt your personal files. In this situation, you might be focusing on the decryption of your files, but we suggest redirecting your focus to the removal of CyberSCCP Cryptor Ransomware. You can learn all about that by reading this report prepared by Anti-Spyware-101.com researchers.testtest

How does CyberSCCP Cryptor Ransomware work?

According to our analysis, there are two different versions of CyberSCCP Cryptor Ransomware. The first version of this malware is less dangerous because it does not encrypt files and because it is a simple screen-locker that can be disabled by tapping Alt+F4 keys on the keyboard. Of course, the executable of this malware must be removed as soon as possible. Unfortunately, not all users will recognize that they are facing a scam because the message represented via the screen-locker informs that files were encrypted and that the victim has 48 hours before a decryption key is deleted. It is suggested that this key can be purchased for 0.3 Bitcoin, a sum that must be transferred to the1H76vzhxc7ZytsXW7v4cxje769QanKbyHA wallet. Fortunately, at the time of analysis, this Bitcoin wallet was empty. The screen-locker also reveals the CyberSCCP@protonmail.com email address, which victims are urged to use for communication. The same email address is used in the second version of the malicious CyberSCCP Cryptor Ransomware. This version is much more dangerous because it actually encrypts files. When it does that, it attaches the “.CyberSCCP” extension to all of their names to help you identify the corrupted files.

The file-encrypting variant of CyberSCCP Cryptor Ransomware uses a file named “READ_IT.txt” to deliver the demands, and, of course, the stakes are much higher than if you were dealing with a screen-locker. If your files are encrypted, you need to think if there is any way for you to recover them. Maybe you can replace the corrupted copies with the backup ones? If backups do not exist, this is not an option. When it comes to legitimate file decryptors, you are unlikely to find one that would be able to decode this threat. That means that your only option is to take the risk and pay the ransom. Wait a minute! Do you really expect cyber criminals to aid you? At the moment, 0.3 Bitcoin is almost 2,000 USD, and that is not the kind of money you want to put at risk. Most likely, if you paid it, you would not receive anything in return. Although you might be out of control when it comes to your personal files, you can delete CyberSCCP Cryptor Ransomware, and this is what we are here to help you with.

How to remove CyberSCCP Cryptor Ransomware

If you are dealing with the screen-locker version of CyberSCCP Cryptor Ransomware, you need to tap keys Alt+F4 to close the window represented by the infection. After that, you need to find and remove the malicious launcher file. Unfortunately, we cannot tell you where exactly this file is or what its name is. If you cannot find and delete CyberSCCP Cryptor Ransomware manually, you can employ an anti-malware program to take care of that automatically. This software, of course, can do much more than just erase a malicious ransomware. Its most important task is to keep your operating system malware-free altogether, and so if you do not want malicious threats invading your operating system in the future, this is the software you need to install without further hesitation.

Removal Instructions

  1. Tap keys Alt+F4 to close the screen-locker.
  2. Find and Delete all recently downloaded suspicious files.
  3. Delete the ransom note file, READ_IT.txt (if copies exist, erase them too).
  4. Empty Recycle Bin and then perform a full system scan (if leftovers are detected, delete them ASAP). 100% FREE spyware scan and
    tested removal of CyberSCCP Cryptor Ransomware*
Disclaimer
Disclaimer
Trojans

Leave a Comment

Enter the numbers in the box to the right *