Kraken Cryptor Ransomware Masquerading as SuperAntiSpyware Security Program

Kraken Cryptor Ransomware : Latest Ransomware That Compromises PC Wide

Recently in the month of August 2018, a new Kraken Cryptor Ransomware has been discovered. It comes with several variant but the new and latest variant is known as Kraken Cryptor 1.5. after the depth analysis, security researchers revealed that Kraken Cryptor Ransomware is masquerading as the legitimate SuperAntiSpyware anti-malware program that always tries to trick System users into downloading and installing it.

The installer of Kraken Cryptor Ransomware is spotted as SUPERAntiSpywares.exe executable file whereas the file name for legitimate SuperAntiSpyware Free Installer is SUPERAntiSpyware.exe. The only difference between two names is addition of s to malicious executable file. It is too much important to note that SUPERAntiSpyware.exe is not continued and compromised to install legitimate version of the SuperAntiSpyware. So, the Computer users who installed the SuperAntiSpyware through normal links were not affected.

Know How Does Kraken Cryptor Ransomware Encrypt PC

Kraken Cryptor Ransomware deliver good insight on how to locks user PC due to the embedded configuration file that is easily exported. Such a configuration file includes the list of modules and if they are enabled, processes to stop, emails, public encryption key, file extensions to lock, ransom prices and many more to be skipped that won’t be locked. When executed, Kraken Cryptor Ransomware will perform the series of procedure

First of all, Kraken Cryptor Ransomware will create a file in C directory called C:\ProgramData\Safe.exe and then after execute it. After that it will enumerate the list of all Event Viewer logs and redirect output to C:\ProgramData\EventLog.txt file. It is also capable to check language and location of victim then after it starts encryption procedure. It locks almost all file type and then after it make then inaccessible or no longer openable. Upon locking System file, it creates a ransom note entitled as # How to Decrypt Files.html in each folder. Ransom note includes a unique victim key and the instruction on how to make 0.125 bitcoin ransom payment

Is File Recovery of Kraken Cryptor Ransomware Possible?

Unfortunately, there is no any way to decrypt files that locked by Kraken Cryptor Ransomware. Affected users can only recover their files using backup copy. If you have a backup then you are lucky but if you have not then it is a bad news for you that there is no any chance to decrypt your file.

Tips To Prevent Yourself Against Kraken Cryptor Ransomware

  1. Use good security software and the computing habit.
  2. Keep a backup copy of your data on regular basis.
  3. Don’t open any unknown or suspicious attachment.
  4. Always update or upgrade your Windows OS.
  5. Use a strong and hard password for your social site.
  6. Make sure that you are using best security software etc.

Leave a Comment

Your email address will not be published. Required fields are marked *