![CryptBIT 2.0 ransom note:
Hello!
Now your files are crypted with the strongest millitary algorithms RSA4096 and AES-256.
In addition, all encrypted files have been sent to our server
and in the event of non-payment within 7 days,they will be made public.
Warning!
Do not rename encrypted files.
Do not try to decrypt your data using third party software.
You can only do damage to your files, lose your money and time.
In order to confirm that we are not scammers, you can send 2-3 files to the email address below.
Files should be less than 5 MB and contain no valuable data (Databases, backups, large excel sheets, etc.).
Please don't forget to write the name of your company in the subject of your e-mail.
You will receive decrypted samples.
To recover all files you must contact us for a private quote by the contact email.
You have to pay for decryption in Bitcoins.
P.S. Remember, we are not scammers.
We don't need your data or information but after 7 days all files and keys will be deleted automatically.
Write to us immediately after infection
All your files will be restored. We guarantee.
Contact email:
cryptbit2.0@protonmail.com
BTC wallet:
[REDACTED]
Have a nice day
CryptBIT 2.0 ransomware group
This is the end of the note. Below is a guide explaining how to remove CryptBIT 2.0 ransomware.](https://www.computips.org/wp-content/uploads/2022/11/how-to-remove-cryptbit-2.0-ransomware.png)
What is CryptBIT 2.0 ransomware?
As the name suggests, CryptBIT 2.0 is the second version of CryptBIT ransomware. The virus has changed somewhat since the first version, but the core behavior is obviously the same; it encrypts the files and demands payment in exchange for decrypting them. It renames the affected files, giving them .cryptbit file extension, the same as in the first version.
Since these two versions share the same encrypted file extension, the best way to distinguish between them is the ransom note. In this new version, it is called “CryptBIT2.0-restore-files.txt”. A copy of this note gets placed in every folder on the infected computer. You can read the full text of this note on the image above, should you need reference.
To summarize, the note doesn’t name a price; the victim is instructed to contact the hacker to get a quote. That is because CryptBIT 2.0 explicitly targets companies. The note also threatens those who choose not to comply with these demands, but the threats are inconsistent. The first threat mentions that the files will be made public, but the second says they will be deleted.
Whether to pay the hackers or not is each victim’s decision. That said, paying is risky; it is quite common for these criminals to not give the files back. For alternative ways to remove CryptBIT 2.0 ransomware and decrypt .cryptbit files, read the guide below.