Zorab Ransomware Launches Fake Tools
Zorab Ransomware Launches Fake Tools
June 8, 2020
Zorab Ransomware Launches Fake Tools
Zorab Ransomware Launches Fake Tools
June 8, 2020

Creators behind Zorab ransomware launched a fake tool that double-encrypts files affected by the attack.

On June 5, it has been reported by Bleeping Computer that the creators behind released a fake STOP Djvu decryptor. Instead of recovering a victim’s data, this software appears to encrypt their files further with a second ransomware. 

However, when the victim opens one of these tools, the software extracts an executable file called crab.exe, as this is the Zorab ransomware itself. Once executed, the tool will encrypt all files present with a .ZRB extension.

Brett Callow, the threat analyst of the malware lab Emsisoft, said that STOP is the most prevalent ransomware by far, as it accounts for approximately one-half of all incidents.

He added:

“Unfortunately, criminals often create fake versions of popular software in order to spread malware, and they have now created a fake version of our decryptor to do just that. Running the fake tool will not recover data that was encrypted by STOP, it will actually encrypt it for a second time.”

Likewise, Callow refers to one of several free tools launched recently by Emsisoft. These tools allow people to decrypt files affected by specific ransomware variants.

ALSO READ :  Mexico’s Third Richest Person Ricardo Salinas Pliego Adds “Bitcoin” On Social Media

As per the report, he issued the following warning to the public:

“This illustrates why people should exercise caution when downloading software and apps and ensure it has come from a reputable and trustworthy source. Similarly, cracks, activators, and keygens should be avoided as these are also frequently used to spread ransomware and other malware.”

Thus, on June 4, Emsisoft launched a free decryptor tool, which enables victims to recover files encrypted by Tycoon ransomware attacks without needing to pay the ransom.

Source: Cointelegraph | Image: CPO Magazine


Crypto News Point a news platform of Digital Notice Media Labs is primarily a regular publication of information, commentary and articles focused extensively on fintech, blockchain technology, cryptocurrency, blockchain-based tokens, cryptocurrency market trends, and trading strategies. We do not provide individually tailored investment advice and does not take a subscriber’s or anyone’s circumstances into consideration when discussing investments, nor is Crypto News Point registered as an investment adviser or broker-dealer in any jurisdiction. Information contained herein is not an offer or solicitation to buy, hold, or sell any digital assets.

Affiliate Disclosure: To help support the work we do here at CNP, we often link to products and deals from around the web. Should you buy some of these, we may get a portion of the sale.

We in generally gather content from the major websites. In every article there is always a clear link and attribution to the source publication. If you have any issue with any of our published content taken from your site, kindly let us know so that we can take appropriate action. In any case, the content of the pages of this website is for your general information and use only. It is subject to change without notice.

You May Also like

Square Purchases More Bitcoin

Square Purchases More Bitcoin

Square, the financial services outfit owned by Twitter CEO Jack Dorsey, has purchased more Bitcoin (BTC).  It has been reported that Square “has purchased approximately 3,318 Bitcoins at an aggregate purchase price of...

Ishita Bora

Ishita Bora is a Senior Content Creator at Digital Notice Media Labs with an experience of 1 year. She has completed her Master's Degree in Language and Linguistics in 2019 from Gauhati University, India. Her interest lies in blockchain technology and cryptocurrency space. She loves writing about blockchain and other blockchain-related articles.