CryptoMix ransomware variant carries new .tastylock extension

News by Doug Olenick

Cyber-criminals have given CryptoMix ransomware a few minor twists, including adding a new extension name to the encrypted files.

Cyber-criminals have given CryptoMix ransomware a few minor twists, including adding a new extension name to the encrypted files.

Bleeping Computer's founder Lawrence Abrams did a quick overview of the changes, which was uncovered by cyber-security researcher Michael Gillespie. The main difference is the addition of the .tastylock extension to all encrypted files. The email address used to contact the attacker for payment information has also changed and is now t_tasty@aol.com.

Abrams noted that the basic encryption method used by this variant was the same as CryptoMix and the ransomware remained a text document named _HELP_INSTRUCTION.TXT.

Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events