KeyPass Ransomware which was first identified early this month is said to have spread to hundreds of victims in more than 20 countries around the world through phony software installers. And security experts say that the malware is coded in such a way that it allows its authors to launch cyber attacks on a further note.
Researchers from Kaspersky Lab have examined KeyPass and found that that code of the said ransomware allows attackers to take manual control of the infected system. That means the infected machine can be used to launch more sophisticated attacks on un-infected networks.
Computing devices from Vietnam and Brazil are accounted for the highest percentage of Keypass Infections. And the said ransomware is said to have infected some PC users in Asia, Middle East, South America and Europe.
Surprisingly, the ransomware authors havenāt launched their ransomware attacks on PCs residing in the North American region.
As of now, the hackers spreading KeyPass are demanding $300 in exchange for the decryption key which will free up the database. But this deal will only be valid if the victim pays up the ransom within 72 hours of infection.
The contact email addresses handed over to the victims are from Switzerland and India and currently, a free decryption key for the said ransomware is unavailable.
Businesses which desire to isolate their networks from such nasty malware should opt for regular backups which can be revived on time. Thus, it eliminates the need to bow down to the hackers.
The law enforcement agencies such as FBI are discouraging users from paying up the ransom to the cyber criminals for ransomware decryption keys.
However, in reality, most of the victims chose to pay to avoid data loss and spending on recovery procedures.
