KeyPass Ransomware: Since When Malware Authors Started Caring About ‘User Experience’?

KeyPass is a new ransomware threat that has hit at least 20 countries since August 7th and appears to be spreading still further by means of fake software installers.

The victim’s data is encrypted with a “.KEYPASS” extension and ransom notes are deposited in each directory that is successfully encrypted. The ransom note demands $300 and attempts to reassure the victim by offering to send proof of decryption ability in advance of payment. The victim is encouraged to send the attacker a sample of a small encrypted file. After doing so, according to the note, the victim will receive an unencrypted version of the file for free. Clearly, the attackers are adopting the same level of concern for ‘user experience’ as legitimate software developers in order to maximize their profits.
To read more, visit: https://www.sentinelone.com/blog/sentinelone-detects-keypass-ransomware/