Crypt0L0cker is newer version of TorrentLocker ransomware, that appeared earlier. It encrypts all files except .html, .inf, .manifest, .chm, .ini, .tmp, .log, .url, .lnk, .cmd, .bat, .scr, .msi, .sys, .dll, .exe, .avi, .wav, .mp3, .gif, .ico, .png, .bmp and .txt that are necessary for proper Windows operation. All files get .encrypted extension and become inaccessible. The ransom amount is 2.2 Bitcoin. Crypt0l0cker creates DECRYPT_INSTRUCTIONS.html and DECRYPT_INSTRUCTIONS.txt files with instructions to pay the ransom and receive decryptor.
UltraCrypter is new version of ransomware that belong to the family of CryptXXX. It distributes via Angler Exploit Kit. It uses the same RSA-4096 encryption algorithm, but another type of decryption keys, that is why there are NO available 100% working decryptors yet. UltraCrypter adds .cryp1 extensions to all affected files. The ransom is 1.2 Bitcoins ($567.6). Malefactors give 96 hours to pay this amount, otherwise it will double to 2.4 Bitcoins.
Bloccato is dangerous virus, that belongs to the family of ransomware crypto-viruses. It uses AES-256 asymmetric encryption algorithm to encrypt users personal files on infected computer. Virus adds .bloccato extension to all encrypted files and creates LEGGI QUESTO FILE.txt text file that contains instructions to pay the ransom and obtain private decryption key. Ransom is 5 BitCoins or $2200+.
CryptXXX is ransomware crypto-virus. It encrypts user personal data with AES CBC 256-bit algorithm and asks for RSA-4096 key. Actually, CryptXXX also steals bitcoins stored on the computer if there are any. Virus modifies names and extension of all encrypted files to .crypt, changes desktop wallpaper using de_crypt_readme.bmp (image with black background and white text), creates text file with instructions to pay the ransom (de_crypt_readme.txt), and html file with the same instructions (de_crypt_readme.html). Ransom is about 1.2 BitCoins or $400. CryptXXX attacks data on local drives and attached storage devices.
CTB-Locker is very wide-spread and dangerous ransomware virus. It uses RSA-2048 encryption to encrypt various types of files stored on users computers (documents, images, photos, music, videos). Then CTB-Locker demands the ransom of $120 – $300 and shows message on your desktop: “Your personal files are encrypted by CTB-Locker”. Ransomware also creates text file with instructions DecryptAllFiles.txt in every affected folder. The virus itself is rather simple to remove, however we recommend you to use removal tool.