Try2Cry ransomware attempts on making its way to various windows systems

Try2Cry ransomware is repeatedly trying to make its way to several Windows systems.

Windows shortcuts and USB flash drives are being used by the ransomware to lure files on the system to infect themselves. Try2Cry ransomware is from the family of .NET ransomware and generally uses law enforcement and pop culture themes.

After infecting a device, Try2Cry ransomware will encrypt .doc, .ppt, .jpg, .xls, .pdf, .docx, .pptx, .xls, and .xlsx files, appending a .Try2Cry extension to all encrypted files.

Rijndael symmetric key encryption algorithm is used by the ransomware to encrypt the user files and it generates a hard coded encryption key. Try2Cry’s most interesting feature is its capability to infect and attempt to spread to other potential victims’ devices via USB flash drives.

The ransomware searches for a removal drive in the system and sends a copy of itself in the drive. Following this, ransomware hides all files on the removable drive and will replace them with Windows shortcuts (LNK files) with the same icon.

The ransomware also creates visible copies of itself on the USB drives and has an arrow shortcut sign in its icons. The shortcut symbol makes it easy to identify the ransomware from the flash drive data.

Install NPAV Total Security and protect your system from all such ransomware attacks. NPAV Total Security provides best in class security from all ransomware and malware attacks.

Use NPAV and join us on a mission to secure the cyber world.

Sharing is caring!

Leave a Reply

Your email address will not be published. Required fields are marked *