An unorthodox new ransomware known as vxCrypter has been discovered that not only encrypts and holds a user’s files to ransom, but also tidies up their file system in the process.

While vxCrypter, which was first discovered by Lawrence Abrams, poses the typical threat to users by forcing them to pay a ransom to regain access their infected and therefore encrypted files, it also deletes duplicate files, tidying up their computer.

Researchers had initially thought this was an intentional bug produced in the development of the ransomware, but it is now thought it is an intentional move designed not only to speed up the encryption process but also increase the threat to users.

“Decryption can take time when it comes to large quantities of data,” explained Roy Rashti, a cybersecurity expert at BitDam.

“By encrypting solely unique files, the vxCrypter ransomware can speed up this process. In addition, the prospect of losing files that hold valuable information could intimidate the affected end user into paying the ransom.”

How users can protect against vxCrypter ransomware

For users, the advice is the same as for any ransomware: stay alert to unknown and potentially malicious files, and keep separate backups of anything valuable to avoid needing to pay a ransom.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

“To prevent this from happening, users should stay alert and make sure they have proper security solutions in place,” said Rashti.

“Keeping a backup of any important files in a trusted location is also a good habit to get into.”

For organisations, however, it is important to remember that ransomware is constantly evolving, and so companies need to be alert to new methods rather than rely solely on approaches that have worked in the past.

“Ransomware is a major source of income for cybercriminals,” said Rashti.

“This means they are constantly innovating and investing in new attack methods to overcome target organisations’ security solutions. Rather than reacting once an attack has taken place, organisations must always be on guard and be prepared for any possible scenario.”


Read more: Victims of a ransomware attack should “never pay off the ransom”