The Crypt0L0cker Ransomware is a threat whose ransom note has been seen in German, English and Italian variants. There’s no information whether the different language versions belong to different authors, but there is one thing for sure – the Crypt0L0cker Ransomware is a threat that must be kept off of your computer if you want to avoid the problems it is able to cause. Just like other members of the ransomware family like the ‘.locky File Extension’ Ransomware or the Project34 Ransomware, the Crypt0L0cker Ransomware also relies on a complex encryption routine to prevent victims from accessing their files. While previous versions of the Crypt0L0cker Ransomware often used the ‘.enc’ extension to mark encrypted files, the German variant uses the ‘.encrypted’ extension to mark the locked data. As for the name of the threat, the author has probably opted to use Crypt0L0cker Ransomware since it may trick some users into thinking that they’ve become victims of CryptoLocker Ransomware – one of the most notorious and harmful pieces of crypto-threats. However, it is certain that the Crypt0L0cker Ransomware has nothing to do with the original CryptoLocker project, nor with the people behind it.
There are speculations that Crypt0L0cker Ransomware may be the successor of the TorrentLocker Ransomware, a threat that gained a lot of attention from malware researchers in 2014. Both the Italian and German versions of the Crypt0L0cker Ransomware instruct users to visit a website via the TOR browser, where they can find more about the situation they are in, as well as how much money they need to pay to get their data back. The German Crypt0L0cker Ransomware that was discovered in March 2017 asks for a ransom sum of 0.33 BTC (€399), but the page says that failing to make the transaction in time will result in the increase of the ransom fee to €799 (0.66 BTC).
Unfortunately, the German Crypt0L0cker Ransomware is still being analyzed, and there’s no way to tell for sure whether its encryption routine is the same as the one used by TorrentLocker. If they turn out to be identical, then it is very likely that malware experts will be able to modify the TorrentLocker decryptor so that it will work with the most recent version of the Crypt0L0cker Ransomware. Until then, victims of the Crypt0L0cker Ransomware should remember that sending money to cyber crooks is never a good idea. Even if the Crypt0L0cker Ransomware’s author receives the payment, there’s nothing to stop them from taking the money and abandoning the victim’s files in their encrypted state. If your files were locked by the Crypt0L0cker Ransomware, then you should use a reputable anti-virus software suite to eliminate the threat, and then use either a Crypt0L0cker Ransomware decryptor (if one becomes available) or other 3rd-party file recovery utilities to get your data back.