
Konx Ransomware

Posted: November 18, 2020

The Konx Ransomware is a file-locking Trojan that's part of a family called Void Ransomware or VoidCrypt Ransomware. The Konx Ransomware can stop most files from opening by encrypting them with a method for which no free decryption solution exists. Users should have backups for recovering any blocked files and use appropriate security services to remove Konx Ransomware installations.

Watching Files Vacation in the Void

The small but up-and-coming VoidCrypt Ransomware (or Void Ransomware) family of Trojans has maintained a steady level of activity over the year, with new samples trickling in every few weeks. The Konx Ransomware campaign is more proof of the Trojan group's viability for attacks in November, and it may block most of the data on an infected Windows computer. Although its distribution methods remain open to further investigation, malware experts can confirm that its payload is strikingly similar to past Void Ransomware variants.

Comparable threats within the same family include the Exploit Ransomware, the Lalaland Ransomware, the Peace Ransomware, and the Spade Ransomware, most of which use similar ransom notes. The Konx Ransomware, like them, can encrypt most files on Windows systems, although it prefers media such as pictures and documents. While doing so, it also changes their extensions by appending new information: the Trojan's campaign name, an ID, and an e-mail address.

The Konx Ransomware generates an HTA file in folders with encrypted files, such as the Windows Pictures directory. This pop-up message delivers a Bitcoin ransom demand with a two-day deadline before the price increases. Besides repeating the ID and e-mail address, though, the note gives victims no concrete information such as a cost. Attackers may haggle over the price or base it on the value of the media that the Konx Ransomware blocks.
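The two on-disk signs described above (appended campaign name plus e-mail address, and an HTA file in the same folder) can be checked together during triage. The following is an added example, not code from the original page; the page does not give the exact extension layout, so the check only tests for the presence of both tokens, and the bracket layout, address, ID, and note file name in the sample paths are constructed.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

CAMPAIGN = "konx"  # campaign name from the page, matched case-insensitively
# Loose e-mail matcher; assumption: the address appears in plain text in the name.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

def looks_renamed(name: str) -> bool:
    """True if a file name carries both an e-mail-like token and the campaign name."""
    return bool(EMAIL_RE.search(name)) and CAMPAIGN in name.lower()

def triage(paths):
    """Group paths by folder and report folders that hold renamed files.

    Each reported folder lists the renamed files, any .hta files beside them,
    and whether a possible ransom note (.hta) is present.
    """
    folders = defaultdict(lambda: {"renamed": [], "hta": []})
    for raw in paths:
        p = PureWindowsPath(raw)  # parses Windows paths on any analysis host
        bucket = folders[str(p.parent)]
        if p.suffix.lower() == ".hta":
            bucket["hta"].append(p.name)
        elif looks_renamed(p.name):
            bucket["renamed"].append(p.name)
    report = {}
    for folder, hits in folders.items():
        if hits["renamed"]:  # an .hta file alone is not treated as a sign
            hits["note_present"] = bool(hits["hta"])
            report[folder] = hits
    return report

# Constructed sample listing (layout, address and ID are placeholders).
SAMPLE_PATHS = [
    r"C:\Users\demo\Pictures\beach.jpg.[contact@example.com][ID-0000].Konx",
    r"C:\Users\demo\Pictures\note.hta",
    r"C:\Users\demo\Documents\report.docx",
    r"C:\Users\demo\Documents\budget.xlsx.[contact@example.com][ID-0000].Konx",
    r"C:\Users\demo\Downloads\tool.hta",
]

if __name__ == "__main__":
    for folder, hits in triage(SAMPLE_PATHS).items():
        print(folder, hits)
```

Feed it a recursive file listing exported from the affected host or a mounted image; folders with renamed files but no HTA file are still worth review, since the note may have been deleted.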

Diminishing Trojan Influence over Windows Media

The Konx Ransomware predominantly harms Windows systems by locking their files without the owner's permission. Nonetheless, its payload also may conduct other attacks (mostly command-line-based) that disable security features, turn off server management software, or delete backups and forensic data. Users should implement security procedures that block most infection attempts from the beginning rather than counting on a full reversal of the damage afterward. Malware experts particularly emphasize the absence of a free decryptor or unlocker for the Konx Ransomware's family.

Both home users and business entities should guard all network and at-risk accounts with password requirements resistant to brute-forcing. Users can also avoid likely infection vectors such as e-mail attachments that use macros, unofficial software updates, or illicit torrents. For more passive cases, such as Exploit Kit-based attacks, users might consider updating their software and turning off some features, such as JavaScript and Flash.

Happily, as of current sample detection rates, most PC security products will adequately delete the Konx Ransomware and prevent the encryption from loading in the first place.

As the VoidCrypt Ransomware family increases its share of the threat landscape, members like the Konx Ransomware offer threat actors fresh opportunities. Speculation on the Konx Ransomware's arrival method is less helpful than keeping the usual backup in a place that this Trojan can't affect.
