
Kraken Cryptor Ransomware

Posted: August 23, 2018

The Kraken Cryptor Ransomware is a very well-crafted file-encryption Trojan, which utilizes a unique combination of encryption algorithms and randomly generated keys to ensure that malware researchers will not be able to crack the cipher it uses. Unfortunately, the authors' efforts have been successful, and it is very unlikely that we will get access to a free decryption tool for the Kraken Cryptor Ransomware unless its authors decide to release one.

The propagation campaign used to spread the Kraken Cryptor Ransomware is already active, and the cybercriminals have managed to infect a dozen victims in different parts of the world. The interesting part is that the Kraken Cryptor Ransomware uses a very detailed configuration file, which allows the attackers to modify several of the threat's properties. It also has hardcoded settings, which are used to make sure that it will never infect computers in Russia and the surrounding countries. The ransomware will also automatically terminate a large number of processes associated with database software, ensuring that its encryption routine will be able to access and encrypt databases alongside other files. Last but not least, the authors of the Kraken Cryptor Ransomware have implemented a series of preliminary checks to ensure that their product is not being run in a controlled environment used to examine malware.

Elaborate Ransomware Uses Strengthened Encryption to Leave Victims Helpless

When the Kraken Cryptor Ransomware's attack is initiated, it will proceed to encrypt over 300 unique file formats, and then modify their names by using the pattern '[NUMBER OF LOCKED FILES]-Lock.onion' (00000000-Lock.onion, 00000001-Lock.onion, 00000002-Lock.onion, 00000003-Lock.onion, etc.). Naturally, the attack will end by leaving behind a ransom note for the victim to read: '# How to Decrypt Files.txt'. This file is dropped in every directory that contains encrypted files.
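The rename pattern and ransom note name described above can be used to scope an infection. The following Python triage scan is an added example, not part of the original article or any vendor tool; it reports which directories hold renamed files or the note. It assumes the counter is always eight decimal digits and is shared across the host, and the function names are hypothetical.

```python
import os
import re
import tempfile
from collections import defaultdict

# Indicators from the description above. Assumptions: the counter is always
# eight decimal digits (as in the sample names) and is shared across the host.
LOCKED_RE = re.compile(r"([0-9]{8})-Lock\.onion")
NOTE_NAME = "# How to Decrypt Files.txt"

def scan_tree(root):
    """Return {directory: {"locked": [counters], "note": bool}} for each hit."""
    hits = defaultdict(lambda: {"locked": [], "note": False})
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            m = LOCKED_RE.fullmatch(name)
            if m:
                hits[dirpath]["locked"].append(int(m.group(1)))
            elif name == NOTE_NAME:
                hits[dirpath]["note"] = True
    return dict(hits)

def summarize(hits):
    """Count renamed files and list counter values absent from the scan,
    which point at renamed files outside the scanned tree."""
    counters = sorted(c for h in hits.values() for c in h["locked"])
    if not counters:
        return {"total": 0, "highest": None, "missing": []}
    missing = sorted(set(range(counters[-1] + 1)) - set(counters))
    return {"total": len(counters), "highest": counters[-1], "missing": missing}

def build_sample(root):
    """Create a constructed sample tree of empty files to exercise the scan."""
    layout = {"docs": ["00000000-Lock.onion", "00000001-Lock.onion", NOTE_NAME],
              "db": ["00000003-Lock.onion", NOTE_NAME],
              "clean": ["report.txt"]}
    for sub, names in layout.items():
        os.makedirs(os.path.join(root, sub))
        for name in names:
            open(os.path.join(root, sub, name), "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        found = scan_tree(tmp)
        for path, info in sorted(found.items()):
            print(path, len(info["locked"]), "locked; note:", info["note"])
        print(summarize(found))
```

Run against a mounted copy or forensic image of the affected volume rather than the live system, so the scan itself does not alter timestamps needed later.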

The contents of the ransom message reveal that the authors are willing to provide the victim with decryption software in exchange for 0.125 Bitcoins (about $800). However, they do not provide any proof that the decryption of the files is possible, and we would not advise any victim of the Kraken Cryptor Ransomware to consider sending money to the cybercrooks. The authors have provided the addresses onionhelp@memeware.net and BM-2cWdhn4f5UyMvruDBGs5bK77NsCFALMJkR@bitmessage.ch as a way to contact them.

Unfortunately, cooperating with the Kraken Cryptor Ransomware's authors will not lead to anything positive. They will not be willing to help you for free, and you can rest assured that sending them money is a huge risk, which might not bring the desired results. The recommendation is to eliminate the Kraken Cryptor Ransomware file-locker immediately, and then look for file recovery options. The only 100% sure way to get your files back is to use a recent backup. If a backup is not at one's disposal, then some third-party file recovery utilities might be able to recover part of the files.
