
'.kali File Extension' Ransomware

Posted: December 12, 2018

The '.kali File Extension' Ransomware is a file-locker Trojan that can encrypt media such as documents or images to stop them from opening. Victims should ignore the Notepad ransom message that the threat generates, and keep secure backups so that they can recover from infections without difficulty. Most anti-malware products should remove or quarantine the '.kali File Extension' Ransomware before it has a chance to attack your files.

Hindu Goddesses Heading across the Cyber-Seas

A file-locking Trojan using the name of one of Hinduism's most iconic deities is attacking business systems as far away as the United States. The symptoms that the '.kali File Extension' Ransomware exhibits are sufficiently generic that malware experts could, potentially, end up connecting it to any of a variety of freeware or Ransomware-as-a-Service families, like Hidden Tear, the Globe Ransomware or the Crysis Ransomware. Its infection methods are also still unknown and require further reports and samples from victims.

The '.kali File Extension' Ransomware is attacking Windows-based systems and may block documents, archives, pictures, or other media formats indiscriminately, while also appending the extension that appears in its name. The latter symptom, which is a possible reference to the Hindu goddess Kali, has nothing in common with the rest of its payload or ransoming details, and seems to be a random choice by the threat actor. Although the '.kali File Extension' Ransomware claims that it's using the 'military-grade' AES-256, this is a claim that a variety of file-locker Trojans make, and malware experts can't yet corroborate it.

Publicly available statistics show '.kali File Extension' Ransomware attacks against American-based businesses. The infection methods that threat actors are prone to using against such targets include both spam e-mails and brute-force tools that break into vulnerable servers by guessing the login credentials. Malware experts recommend habitually using complex login combinations and being careful around e-mail links and attachments (especially Word documents with macro content, or PDFs) that could compromise a PC and, afterward, the rest of a local network.

Moving on from Attacks by a Goddess of Time

Kali is, among other things, symbolic of the passing of time in all of its contentious, positive and negative implications. Appropriately, the '.kali File Extension' Ransomware's campaign also shows some chronological confusion: its e-mail address is defunct, despite the last date of an attack being relatively recent. The threat actor has yet to collect any ransoms from the wallet address in its note as of December 12th, and malware experts continue to recommend against paying Bitcoins or any other form of extortion for unlocking your media.

Restoring from backups or, in the worst cases, free decryption with the help of reputable anti-malware researchers should be the default solutions to infections. Users may consider preserving both the encrypted data and samples of the '.kali File Extension' Ransomware, after quarantining it, for analysis by the AV industry. Otherwise, let your anti-malware programs remove the '.kali File Extension' Ransomware to prevent more data loss.
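For the preservation and restore steps above, a read-only inventory of affected files gives a list to compare against backups and to hand to researchers. The following is an added example, not code from the original article; the function names are hypothetical, the sample files are constructed, and it assumes the Trojan appends '.kali' to the full original filename.

```python
import hashlib
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

SUFFIX = ".kali"  # extension the article says the Trojan appends

def shannon_entropy(data: bytes) -> float:
    """Bits per byte. Near 8.0 fits encrypted data, but also compressed
    formats, so it cannot confirm the note's AES-256 claim."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def inventory(root, sample_bytes=65536):
    """One record per file under root whose name ends in SUFFIX (read-only)."""
    records = []
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file() or not path.name.lower().endswith(SUFFIX):
            continue
        with path.open("rb") as fh:
            head = fh.read(sample_bytes)
            digest = hashlib.sha256(head)
            for chunk in iter(lambda: fh.read(1 << 20), b""):
                digest.update(chunk)  # stream so large files are not loaded whole
        records.append({
            "path": str(path),
            # Assumption: the suffix is appended to the full original name.
            "original_name": path.name[:-len(SUFFIX)],
            "size": path.stat().st_size,
            "sha256": digest.hexdigest(),
            "entropy": round(shannon_entropy(head), 2),
        })
    return records

def build_demo_tree(root):
    """Constructed sample data, not real infection artifacts."""
    docs = Path(root) / "docs"
    docs.mkdir()
    (docs / "report.docx.kali").write_bytes(os.urandom(4096))      # random = high entropy
    (docs / "notes.txt.kali").write_bytes(b"plain text " * 200)    # renamed only
    (docs / "untouched.txt").write_bytes(b"ok")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_demo_tree(tmp)
        for rec in inventory(tmp):
            print(rec["original_name"], rec["size"], rec["entropy"], rec["sha256"][:16])
```

Run it against a copy or a read-only mount of the affected volume; a low entropy value on a '.kali' file suggests the content was renamed but not encrypted and may be directly recoverable.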

The '.kali File Extension' Ransomware may include features that malware analysts can't yet confirm, such as desktop-hijacking behavior, pop-ups, or more severe attacks than those, such as wiping backups and disabling security applications. Whatever its future may hold for victims, however, rejecting implicit faith in a ransom note is part and parcel of keeping your computer and all of its files secure.
