The ransomware behind the encrypting and renaming of your files to include the .crypz extension is a virus that goes after users under Windows systems. This ransomware is called CryptXXX 3.0, this program crypts files that would be more likely to be user’s files based on their extensions, for example pdf, ppt, xls, doc, jpeg, etc… After this is done, CryptXXX 3.0 will show the user a message where it will offer the possibility to decrypt these files in exchange of 2.4 bitcoins, which is more or less something close to 1,000 euros.
This ransomware goes beyond encrypting local files, by also affecting files in shared network units, USB media devices, external hard drives, and even some cloud file services. It is clear then that any computer infected by CryptXXX 3.0 that has access to work network units can become the source of infection for those shared files that will also be renamed to included the .crypz extension.
If you have been affected by CryptXXX 3.0 and you find yourself now with your files being encrypted, we strongly advice you not to pay any ransom whatsoever. Even if you pay and get the access back to your files, nothing guarantees you that the program will be removed from your computer and might come back at some point in the future.
As we write this lines, there’s no tool available yet to decrypt files with the .crypz extension, however we advice you to keep them in a USB device, there’s still chance that some tool could be created in the near future.
In the mean time, we recommend to remove CryptXXX 3.0 as soon as possible.
View full solution