Home Malware Programs Ransomware BlackKnight2020 Ransomware

BlackKnight2020 Ransomware

Posted: September 4, 2020

The BlackKnight2020 Ransomware is a screen-locker Trojan that blocks the Windows UI with a pop-up until the victim pays its ransom. Users can ignore the ransom demand and restart their computers through methods that circumvent the Trojan's startup feature. Most Windows-compatible anti-malware tools should remove the BlackKnight2020 Ransomware in most cases.

A Knight Comes in Swinging at Windows Users

As competition to the more prominent, file-locking variety, screen-locker Trojans hold some minor advantages to their credit. Threats like the BlackKnight2020 Ransomware, while very limited concerning their attacks, can make almost as much money from targeting victims who don't know any better. This Windows Trojan further tips the scales in its favor with all-too-predictable, and believable, warnings in its alerts.

The BlackKnight2020 Ransomware has no familial relationship with any other Trojans but is readily comparable to other screen-blocking threats like the W1F1RANSOM Ransomware or the Ransom Prank Ransomware. As a Windows program, it generates a borderless, screen-sized pop-up window that 'locks' the screen and blocks the Windows interface, such as the Start Menu. It doesn't contain any features for deleting data (notable, as per its warning's contents) or locking files, as per malware experts' last investigations.

The alert gives the victim two hours for responding to the ransom demand, which is for one hundred USD in Bitcoin. The BlackKnight2020 Ransomware claims that it will delete the files after that time, precipitating a hasty and unwise ransom payment from the user. Like most criminals, this Trojan's author favors a free, encrypted, and anonymous e-mail service for these dealings.

Knocking Knights Off Their Steeds All Too Easily

Unlike a file-locking Trojan, which can block media files permanently, the BlackKnight2020 Ransomware causes no permanent or long-term data loss or drive damage. As a result, users have many options to work around the Trojan's payload and recover without any harm. Malware experts recommend restarting the computer directly from an appropriate recovery device, such as a free USB or using recovery features such as Windows Safe Mode.

Victims paying the cryptocurrency will find that refunds require consent from the other party. Additionally, there is some risk that the developer will not provide the password for 'unlocking' the computer. However, the latter is achievable just as readily, and more cheaply, by disinfecting the system.

This Trojan is of little note to the overall threat landscape and may never experience large-scale, global distribution. Despite its relative insignificance, respected anti-malware products should flag and remove the BlackKnight2020 Ransomware through their heuristic metrics.

The BlackKnight2020 Ransomware is a marauding knight that's just as deceitful as the fabled Black Knight of legend. Taking an attacker's word on his or her Trojan capabilities is a losing proposition for anyone on Windows – or most other brands of operating systems.

Loading...