CrypBoss
NJCCIC Threat Profile
Original Release Date: 2016-07-06
CrypBoss is a family of ransomware that includes the HydraCrypt and UmbreCrypt variants. This family targets Windows OS and is distributed via the Angler Exploit Kit. They all delete Shadow Volume Copies to prevent file restoration and use AES encryption to lock victims’ files. Differences include appended file extensions (.hydracrypt_ID_[8 random characters] and .umbrecrypt_ID_[victim_id]) and the way in which the ransom notes are written. HydraCrypt threatens to release victims’ private data on the Dark Web.
Featured Content
- Sextortion & Romance Scams Continue with New Tactics>
- Increase in Reports of Gift Card Scams>
- Phishing-as-a-Service Operation Identified>
- Vaccination Lures in Recent Phishing Campaigns>
- Cryptocurrency Scams Increase>
- FortiGate SSL-VPN Credentials Leaked by Threat Actors>
- Microsoft Patches Several Actively Exploited Flaws>
- Updates Available for Actively Exploited Flaws in Apple Devices>
- Back-to-School Cybersecurity>
- Test Your Cybersecurity Knowledge - Take Our Cyber Quiz Today>
The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
View our Privacy Policy here.
View our Site Index here.