SuperCrypt Ransomware is a dangerous computer infection that gets distributed by a Trojan. This ransomware program targets on Windows 2003 and Windows Server operating systems, so it is obvious that the infection looks for a considerable prey. Just like most of the ransomware infections, SuperCrypt Ransomware intends to force users into giving away their money, but the disturbing fact about this infection is that it usually succeeds in its plans. The reason is that SuperCrypt Ransomware encrypts important files that can be found on big servers, and so users end up paying the ransom fee to recover their files.
As mentioned above, SuperCrypt Ransomware gets distributed by a Trojan infection. It usually makes use of terminal exploits and then uses a request for open default RDP port 3398 to enter target system. You will know that your system’s security has been compromised immediately because when SuperCrypt Ransomware enters the system, it displays this message:
All your data – documents, photos, videos, backups – everything in encrypted.
The only way to recover your files – contact us via email@example.com
Only WE have program that can completely recover your files.
Attach to e-mail:
1. Text file with your code (“HOW TO DECRYPT FILES.txt”)
2. One encrypted file (please don’t send files bigger than 1 MB)
Most of the time, one would expect this kind of message to be a hoax devised in order to lure unsuspecting users into spending their money for nothing. However, as far as SuperCrypt Ransomware is concerned, this scheme actually works. European computer users, who reported to have been affected by this infection, said that their files really were decrypted when they contacted the hackers and transferred the 300 Euro fee in Ukash vouchers (or a Bitcoin).
It is practically impossible to avoid SuperCrypt Ransomware infection because it takes places manually. In other words, a target server gets hacked by a cybercriminal through a Remote desktop client or Terminal Services. On top of that, computer security programs cannot detect SuperCrypt Ransomware because all the installer files get deleted automatically once the file encryption is finished. This shows that users are left with nothing but an entire horde of encrypted files and no infection to deal with.
Since the SuperCrypt Ransomware’s creators seem to be choosing their targets manually, users can only hope that they don’t get infected with it. Having a secondary backup of all your sensitive files might save you from paying the ransom fee, but you should also consider investing in a powerful security system that could at least inform you about potential threats.