For the past month, people infected with the CryptXXX ransomware had a way to recover their files without paying the hefty $500 fee to obtain the decryption key. On Tuesday, that reprieve came to an end.
Researchers from security firm Proofpoint said in a blog post that version 2.006 has found a way to bypass a decryption tool that has been freely available for weeks. The tool was provided by Kaspersky Lab and was the result of flaws in the way CryptXXX worked.
The crypto ransomware update effectively renders the Kaspersky tool useless, Proofpoint said. It did this with the use of zlib, a software library used for data compression. The new version also makes it harder to use the Kaspersky tool by locking the screen of an infected computer and making it unusable until the ransom is paid.