
Kiss Ransomware

Posted: October 21, 2019

The Kiss Ransomware is a file-locking Trojan and a possible new version of the Paradise Ransomware. In either case, its payload will block your PC's files by encrypting them, and the process can be irreversible. Suitably-secure backup standards are ideal for recovering lost data, although anti-malware software from most companies should delete the Kiss Ransomware immediately.

Unsolicited Affection for Monetary Reasons

What might be a new variant from the Paradise Ransomware's Trojan-generating kit is out in the wild and attacking victims by unknown methods. Although this easily-constructed family of Windows Trojans has nowhere near as many sub-campaigns as, for instance, the Scarab Ransomware, it is no less threatening for being diminutive and carries with it unbreakable encryption attacks. Although it's too early for malware analysts to verify this connection, they can confirm the Kiss Ransomware's encryption feature and related ransoming modus operandi.

The Kiss Ransomware locks multiple formats of files, with documents, pictures, music, and movies being traditional examples of digital 'captives.' It does this by sending them through an encryption routine that omits the first twenty-four bytes of data, but converts the rest, along with adding '' tags. Users, however, will find the filename changes more visible - the Kiss Ransomware includes a 'kiss' extension, a bracketed ID string, and a bracketed e-mail. All of this information is for contacting the threat actor for ransoming an unlocker, AKA decryptor.
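For incident triage, the renaming pattern described above can be matched against a file listing. The following Python sketch is an added example, not code from this post or from any vendor tool: it flags names that carry all three markers and extracts the ID and contact address for a report. The post does not give the order of the bracketed parts, so the match is order-agnostic; the function names and sample paths are constructed.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

BRACKETED = re.compile(r"\[([^\[\]]+)\]")          # any [token] in the name
EMAIL = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")  # loose e-mail shape check


def parse_kiss_name(path):
    """Return (victim_id, contact_email) if the file name carries all three
    markers from the write-up ('kiss' extension, bracketed ID, bracketed
    e-mail), otherwise None. Bracket order is an assumption-free match."""
    name = PureWindowsPath(path).name
    if not name.lower().endswith(".kiss"):
        return None
    tokens = BRACKETED.findall(name)
    emails = [t for t in tokens if EMAIL.match(t)]
    ids = [t for t in tokens if not EMAIL.match(t)]
    if not emails or not ids:
        return None  # a lone bracket or a bare .kiss suffix is not enough
    return ids[0], emails[0]


def summarize(paths):
    """Aggregate hits for a report: count, IDs, contacts, affected folders."""
    ids, contacts, folders = Counter(), Counter(), Counter()
    for p in paths:
        parsed = parse_kiss_name(p)
        if parsed is None:
            continue
        ids[parsed[0]] += 1
        contacts[parsed[1]] += 1
        folders[str(PureWindowsPath(p).parent)] += 1
    return {"affected": sum(ids.values()), "ids": ids,
            "contacts": contacts, "folders": folders}


# Constructed sample listing (not real indicators).
SAMPLE_PATHS = [
    r"C:\Users\a\Documents\report.docx[id-AB12CD34].[contact@example.invalid].kiss",
    r"C:\Users\a\Pictures\photo.jpg.[contact@example.invalid][AB12CD34].kiss",
    r"C:\Users\a\notes[draft].kiss",                          # no e-mail bracket
    r"D:\share\budget[2019].[team@example.invalid].xlsx",     # wrong extension
    r"C:\Users\a\kiss.txt",
]

if __name__ == "__main__":
    print(summarize(SAMPLE_PATHS))
```

A single ID and contact address across all hits points to one infection; more than one of either suggests several builds or hosts and is worth recording before cleanup.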

Other elements of the Kiss Ransomware's payload are cut down from the Paradise Ransomware's more verbose equivalents. The software creates an HTML file with a request, in English, to contact the e-mail address from the filename, and doesn't elaborate on a ransom amount or payment method. It also provides Telegram support for an alternative communication method – an increasingly popular choice among file-locker Trojans' campaigns.

Declining Kisses from Encryption-Sharing Trojans

For now, malware researchers can't narrow down potential targets of the Kiss Ransomware's attacks, other than by noting that current ones are English speakers. Some causes of possible infections can include:

  • Enabling macros in corrupted documents or spreadsheets.
  • Not installing security patches.
  • Running browser scripts indiscriminately (such as on piracy websites).
  • Downloading illicit programs through torrents.
  • Using non-secure passwords for login credentials.
  • Leaving the Remote Desktop open to third parties.

Most users can avoid all of these dangers by paying attention to best practices while browsing the Web or administering their local servers, websites, and networks. Since decrypting the Kiss Ransomware's blocked content may not be feasible, malware experts strongly recommend preventative action, including establishing appropriate backups.

Anti-malware products should remove the Kiss Ransomware and related threats, such as RATs, but can't unlock or decrypt any media.

Whether or not the Kiss Ransomware is a new version of the Paradise Ransomware is only mildly relevant to its future victims. Preferably, they'll take the necessary precautions and keep their files from being in any long-term danger. Otherwise, the cost can be all of their data – or a still-unknown ransom.
