A new variant of CryptoMix ransomare was detected yesterday by Malwarebytes malware researcher, Marcelo Rivero. This new variant appends .EXTE extension in the targeted files and encrypts it. However, this variant is very newly detected and still a lot of depth researches on it is till be done. It is still unknown how many PC users have been infected with it till now. And if you are also the one facing this malware encryption and have decided to pay the ransom for decryption key then do send us the Decrypter key so that our research team can take a look at it.
Modifications in the Exte CryptoMix Ransomware Variant
Overall, the encryption algorithm is same as compared to the earlier version. The major notable difference is in the ransom note file name which is now _HELP_INSTRUCTION.TXT. It contains new contact email ID namely firstname.lastname@example.org, email@example.com, or firstname.lastname@example.org for payment details. The next change is of course the extension name which is now .exte. It uses the same 10 public RSA encryption keys as was used in the earlier AZER version. Any of these keys is selected to encrypt AES Key which is used to encrypt the targeted files. This way, this ransomware can work Offline even if there is no network communication.
So, anyone of you gets infected with this newly version then do contact us for our experts reviews and information’s.