KeyPass ransomware spreads worldwide

A nasty strain of ransomware dubbed KeyPass has been infecting computers around the world.

Security researchers from Kaspersky Lab spotted KeyPass infections and activity in more than 20 countries between August 8 to August 10. Kaspersky said Brazil and Vietnam were the hardest hit, followed by victims in Europe and Africa.

The ransomware appears to have been distributed via a harmless installer, which is used to install malware onto the victim’s system. The motive is unclear although there are no political or racial reasons for the attacks. 

The attackers have demanded $300 in ransom payment in return for the files. Although the price tag is only valid for first 72 hours. 

KeyPass also does not discriminate on the types of files, but instead processes various folders of content and leaves an encrypted file with extension .keypass.

A decryption tool is not yet available at time of Kaspersky report.

Users are encouraged not to pay the ransom and to take proactive measures to protect against KeyPass infections. For example, user should perform consistent data backups, have up-to-date anti-malware software and don’t download programs or click on links from suspicious sites.

Leave a Reply