large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

KeyPass ransomware is infecting computers around the world

A new form of ransomware is spreading fast. KeyPass – a variant of the STOP ransomware – has managed to hit hundreds of computers in more than 20 countries since first emerging on August 8.

Researchers from Kaspersky Lab have taken a look at KeyPass (distinct from KeePass – a popular and safe password manager), and found a hidden additional option where attackers can take control of an infected system, which hints at more advanced attacks to come.

Read more: Best smartphone

Other than that, it’s a pretty familiar ransomware story. Once infected, the computer gets to work encrypting all of a user’s files in a key only known to the hackers.

A ransom note is left on the computer’s desktop demanding the victim contact the cybercriminals for instructions of how to pay a $300 fee in order that their files are returned to them. The note hints that the price will increase if the victim doesn’t make contact within three days.

A black and white picture of a group of people standing in front of an officeA foldable phone on left tagged as winners with a Vive VR on right tagged as losers

As KeyPass turns a legitimate part of computer security – encrypting files – against the user, there’s not a great deal that can be done once a user has been infected. The best means of defence is ensuring you don’t get infected with ransomware in the first place, and in this case, that means being vigilant about software downloads.

Plus, if you regularly backup your important files to a non-connected drive, you’ll be in a position to ignore these extortion attempts when they come in.

Security experts advise victims not to pay the ransomware criminals if they’re extorted. This is partly because it encourages crooks to keep at it, and partly because it can also mark you specifically as a target who is likely to pay up, increasing attacks aimed specifically at you.

Plus, of course, you’d be putting your faith in a criminal, and there’s no guarantee they will actually unlock your files even if you pay up the ransom in full.

Have you ever been infected with ransomware? How did it turn out? Let us know on Twitter @TrustedReviews.

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.