malwerbyte

You’ve probably heard of the popular anti-malware program called Malwarebytes. Recently, there’s been a misspelled version of the app going around called Malwerbyte, which has ransomware hidden in it. The ransomware it contains is called DetoxCrypto, and there’s already a second variant dubbed Calipso. The two variants of ransomware were first discovered back in August. The Calipso version takes a screenshot of the victims computer and a Pokémon GO-themed encrypter.

Christopher Boyd, a security researcher at Malwarebytes, explains the ransomware could be planning something big for the near future:

What we’re seeing at the moment is what appears to be a kind of trial run for ransomware distribution. There’s a couple of Detox Ransomware files doing the rounds, and though they’re all broken in terms of functionality and / or download / dropper URLs, it’s still a possible sign of things shortly coming around the corner and worth giving a heads up on.

The current versions of Malwerbyte that’s floating around are broken and don’t actually encrypt the victim’s files. This should make it fairly easy to clean and remove for the time being. As with any ransomware though, it is sure to evolve and get fixed to where it’ll encrypt the victim’s files.

Source: Malwarebytes Blog