Writers of CryptoConsole ransomware are continuously developing new variants of the strain. Security researchers have detected the latest version of CryptoConsole 3.0 a couple of days ago. The preliminary findings suggest that like the previous versions, it also locks down the screen and drops a ransom note on the display in the form of a screenshot of a text file. Researchers have noted that the operators have changed their contact IDs this time.
Operators are asking for a nominal ransom amount
The operators of CryptoConsole are playing with the psyche of affected users by demanding minimal extortion money ($50 dollars) for providing the decryption key. They also offer a free decryption of a single file of up to 10 MB to prove their authenticity as the orchestrators of the attack.
The small ransom amount will confound many people on how to deal with the situation. Either to pay the operators for providing the decryption key or to go for professional ransomware removal services, it will surely be difficult to choose.
To force people into not contacting professional ransomware removal services, the operators have mentioned in the ransom note that they will delete the files in case the user tries to decrypt the affected files on his own. We want to inform our readers that it’s just a scare tactic and nothing else. You must avail professional ransomware removal and recovery services after such attacks.
Compromised websites are used as the payload droppers for CryptoConsole 3.0
Instead of phishing, the operators of CryptoConsole 3 are using compromised web addresses to drop the payload on the users’ device. People with poor network security will become an easy target for CryptoConsole operators. File-sharing servers can also be used by the ransomware operators to deliver the cryptovirological code. So, make sure you don’t download any file from an unsecured web location and address.