Site icon Panda Security Mediacenter

New ransomware variant detected: Trj/Crypdef.A!

Our colleagues at PandaLabs have discovered a new strain of ransomware, a piece of malicious software which allows cyber-criminals to remotely lock the computers they infect.

Ransomware locks computer systems and encrypts files, demanding the user pay a ransom to get control back.

The new variant has been detected as Trj/Crypdef.A.

 

How Trj/Crypdef.A works

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “FileRescue”

Data: C:\ZeroLocker\ZeroRescue.exe

How to avoid the ransomware

 

Exit mobile version