Professional Video Converter, Video Editor, MXF Converter for Mac and other video tools Supplier
Home > Resource >

A New Variant of CryptoMix Ransomware Is Released That Uses .0000 Extension

A New Variant of CryptoMix Ransomware Is Released That Uses .0000 Extension

Security researchers discovered another version of the CryptoMix virus.

This variant adds the .0000 extension to all encrypted data files. Contact emails inside the ransom note are also new. New email addresses are:,, Victims should use them to contact the malware author in order to receive further payment instructions.

The ransom not name remains the same for this variant: _HELP_INSTRUCTION.TXT.

The most significant change is the new extension added to all encrypted files. As written above it is .0000 and new file names look like this: 130A93489346C21EC8BC280FEA32.0000

Once installed on victims’ PC, the .0000 variant of the CryptoMix ransomware requires no network communication and works offline. This is due to 11 public keys of the RSA-1024 format that are hard-coded in ransomware code. Those keys are utilized to encrypt the AES type key which encrypted the files.

Hackers spread the CryptoMix ransomware be means of spam campaigns targeting huge amounts of users. Although fewer and fewer people get tricked by this old method, CryptoMis still remains profitable to its creators.

For you to protect from any sort of ransomware, it is crucial to obtain safe Internet surfing and computer habits.

It is very important to have a recent reliable backup of your important files that can be quickly restored.

In addition, you should install and use security software that includes behavioral detection mechanism to fight ransomware. Heuristics and signature detections are not enough these days.

Be sure to practice the bellow security steps, that are often key to success:
● Do not click on attachments unless you contact the person who sent it.
● Scan all attached files with VirusTotal or similar tools.
● Install all Windows updates as soon as they get released.
● Systematically update other software like Flash, Adobe, Java.
● Use strong passwords. Do not reuse passwords for several websites.