KeyPass Ransomware Advisory

A new ransomware infection has been reported as being on the rise. Known as KeyPass, it is infecting systems at a rapid pace. According to Kaspersky security researchers, from the time of August 8th to August 10th, this ransomware has been detected in over 20 countries and is continuing to spread. keypass-ransomware-blog-post-image KeyPass is infecting systems by parading itself as an e-book or a game mod installer. Once the installer is opened, KeyPass will gain access to the system and will begin encrypting files.

According to an article on, KeyPass infects almost all of the files on the infected system, whereas other ransomware will only infect certain files. After the files have been encrypted, a text document will be created with instructions on how to recover the files. To prove the files can be decrypted, the victim can send 1-3 files to the e-mail provided and they will be decrypted for free. The cyber-criminals demand a payment to decrypt the remainder of the files.

It is recommended that a victim infected with ransomware never pay the cyber-criminals any ransom for their files. There is no guarantee that the files will be decrypted after payment has been sent. Security experts highly recommend keeping regular backups of personal files to combat a ransomware attack. It is also recommended to not open or run any file from which the origin is unknown.

If you would like more information about ransomware or would like assistance in configuring a backup solution for sensitive and important business or personal files, please feel free to contact one of our friendly IT support technicians at (920) 569-2681. If you live in the greater Green Bay / De Pere area, you can stop in and see us for some advice at our office located at 400 Reid Street in De Pere, WI.