Aside from the above, CRYPVAULT also manages to extract stored login passwords for Internet Explorer, Firefox, Safari, Opera and Chrome, through downloading and opening the Browser Password Dump hacking tool.
What is more distinct about this malware is that the ransomware was written in batch scripts while the downloader, in JavaScript. According to Marcos, opting not to use C++, C# or any programming language means CRYPVAULT does not need to import any library nor create function as the scripts are executed one line after another. Accordingly, this effectively shows how easy a ransomware can be created by anyone.
With the threats of CRYPVAULT laid down, Marcos still recommends to rebuild a recent backup instead of paying the ransom. He adds that paying the ransom does not in any way guarantee that the victim will recover the correct keys.
via New crypto-ransomware encrypts files then disguises them as quarantined.
Indiĝenaj Inteligenteco 