CryptoDefense – malware that prevents access to personal files until ransom is paid

CryptoDefense (also known as HOW_DECRYPT.txt) is a very dangerous cyber infection, which belongs to the ransomware category. The most important thing about this virus is encrypting all your text files, videos, office documents, and similar data. As a result, none of the files can be opened until a unique key is provided by cybercriminals.
Of course, malware authors are unwilling to give it for free and ask for a ransom that needs to be paid in bitcoin cryptocurrency. Users allegedly then would receive a personal code that can enter into a pop-up window and decrypt all files automatically.
According to experts, CryptoDefense is still incapable of affecting Macs, but it can easily attack all Windows versions, such as:
- Windows XP
- Windows Vista
- Windows 7
- Windows 10, etc.
Similar to ransomware that was discovered before, this variant displays a huge alert after taking over its target PC system. This warning claims that all files were encrypted by CryptoDefense Software and says that the victim needs to obtain the private key to decrypt them.
Of course, this service is not for free – scammers ask paying $500 in bitcoins. If you fail to pay, they promise that after four days the ransom will be doubled. Unfortunately, there is still no method to decrypt files that were encrypted by the CryptoDefense virus. Therefore, you should always make sure that you have working backups prepared – they should be stored on a separate medium.
As soon as the virus enters the system, it encrypts data files and starts showing this notification:
All files including videos, photos and documents on your computer are encrypted by CryptoDefense Software.
Encryption was produced using a unique public key RSA-2048 generated for this computer. To decrypt files you need to obtain the private key.
The single copy of the private key, which will allow you to decrypt the files, located on a secret server on the Internet;
the server will destroy the key after a month. After that, nobody and never will be able to restore files.
CryptoDefense instructs people how they can pay the ransom and purchase a tool for decryption. For that, they need to visit specific site, enter their unique key and then reveal how much bitcoins they need to pay. As we have said, delaying this may increase the amount of ransom and instead of $500 you may have to pay $1,000 in bitcoins.
Instead, remove ransomware with FortectIntego or another tool, and then use alternative methods for data recovery we provide below.

Ransomware distribution and prevention methods
Ransomware is possibly on the most devastating computer infections in the wild. It became one of the most lucrative illegal businesses around, and there are new strains emerging every day. One of the most damaging ransomware features is that the elimination of malware would not restore files to their previous states. The encrypted data requires a unique key that is in the possession of cybercriminals behind the attack.
That's why you need to understand how to avoid ransomware. The most important thing in this situation is to ignore all unfamiliar emails that typically report about nonexistent purchases, payments, and similar things that could make people click on the malicious link.
Similarly to CTB Locker, CryptorBit, and CryptoLocker viruses, it may also enter your PC in a bundle with fake Flash and Java updates, so ignore all unexpected alerts offering downloading them for free.
Delete CryptoDefense ransomware before attempting file recovery
If you need to remove CryptoDefense from your computer, you need to perform a full system scan with powerful anti-malware software, such as SpyHunterCombo Cleaner. FortectIntego can also be useful when dealing with virus damage to the system files. If the malware is interfering with its functions, you can try accessing Safe Mode with networking, as explained below.
After CryptoDefense removal, you should restore all your files from backups. Unfortunately, most people don't have adequate backups prepared, and end up losing their data after a ransomware attack. Not all hope is lost, however, – we provide a few alternative methods that might help you to recover at least some of your lost files.
Also, you should start thinking about the prevention of such infections. For that, you can use the previously mentioned programs. Besides, don't forget to think about the immunity of your files and backup. For that, you can use:
- USB external hard drives, CDs, DVDs;
- rely on online backups, such as Google Drive, Dropbox, Flickr, and other solutions.
Was this guide helpful?
1 comment