Konx Ransomware

Posted: November 18, 2020

Konx Ransomware Description

The Konx Ransomware is a file-locking Trojan that's part of a family called Void Ransomware and VoidCrypt Ransomware. The Konx Ransomware can stop most files from opening by encrypting them using a method without any free solutions. Users should have backups for recovering any blocked files and designate appropriate security services for removing the Konx Ransomware installations.

Watching Files Vacation in the Void

The small but up-and-coming family of Trojans VoidCrypt Ransomware (or Void Ransomware) maintains a steady level of activity over the year as new samples trickle in over weeks. The Konx Ransomware campaign is more proof of the Trojan group's viability for attacks in November, which may block most of the data on an infected Windows computer. Although its circulation exploits are open for further investigation, malware experts can confirm its payload as strikingly similar to past Void Ransomware variants.

Comparable threats within the same family include the Exploit Ransomware, the Lalaland Ransomware, the Peace Ransomware, and the Spade Ransomware, most of which use similar ransom notes. The Konx Ransomware, like them, can encrypt most files on Windows systems, although it prefers media such as pictures and documents. While doing so, it also changes their extensions by adding new information: the Trojan's campaigning name, an ID and an e-mail.

The Konx Ransomware generates an HTA file in folders with encrypted files, such as the Windows Pictures directory. This pop-up message delivers a Bitcoin ransom demand with a two-day deadline before increasing. Besides repeating the ID and e-mail address, though, victims have no tangible information such as a cost. Attackers may haggle over the price or base it on the media's value that the Konx Ransomware blocks.

Diminishing Trojan Influence over Windows Media

The Konx Ransomware predominantly harms Windows systems by locking their files without the owner's permission. Nonetheless, its payload also may conduct other attacks – mostly command-line-based – that disable security features, turn off server management software, or delete backups and forensic data. Users should implement security procedures that block most infection attempts from the beginning rather than anticipate that a full reversal of the damage is necessary. Malware experts, particularly, emphasize the absence of a free decryptor or unlocker for the Konx Ransomware's family.

Both home users and business entities should guard all network and at-risk accounts with password requirements resistant to brute-forcing. Users also can avoid likely infection vectors such as e-mail attachments using macros, unofficial software updates, or illicit torrents. For more passive cases, such as Exploit Kit-based attacks, users might consider updating their software and turning off some features, such as JavaScript and Flash.

Happily, most PC security products will delete the Konx Ransomware as of current sample detection rates adequately and prevent the encryption from loading in the first place.

As the VoidCrypt Ransomware family increases its share of the threat landscape, members like the Konx Ransomware offer threat actors fresh opportunities. Speculation on the Konx Ransomware's arrival method is less helpful than the usual backup on a place that this Trojan can't affect.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Konx Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware Konx Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.