Kryptonite Ransomware

Posted: June 26, 2017
Threat Metric
Threat Level: 10/10
Infected PCs 59

Kryptonite Ransomware Description

The Kryptonite Ransomware is a Trojan that encrypts your files and asks you to pay money to recover them. This threat is disguising itself as an ASCII-based 'Snake' game to distract the user while it locks local content, and its ransoming method currently is non-functional. The simplest way to restore your files is to keep backups that Trojans can't encrypt or delete, and updated anti-malware programs should remove the Kryptonite Ransomware immediately.

Playing Games with Unpredictable Consequences

Usually, threat actors depend on stealth as their best protection from having threatening software identified, quarantined, and removed before their attacks finish. Minority incidents sometimes use other philosophies, however, such as distracting the victim with a fake update screen or game. The latter is the choice of the Kryptonite Ransomware, a particularly unusual, file-encrypting threat that entertains while attacking.

The Kryptonite Ransomware's file data suggests that it was an Israeli university student's pet project. The Trojan may be hiding as the same game it uses, initially, as its distraction: Snake, a game where the player must avoid colliding with his own, increasingly long tail.

Launching the Kryptonite Ransomware opens the text-based 'Snake' window. However, it also doubles as an output for the Kryptonite Ransomware's encryption scan, which merges the text of the encrypted file lines with the game's interface. The encrypting attack launches in a matter of seconds and allows the Kryptonite Ransomware to block arbitrary file types, such as DOC or JPG, by changing their internal data with a cipher.

The Trojan also gives its victims a Notepad ransom note that asks for payment to decrypt and unlock their media. Unlike similar file-encrypting threats, the Kryptonite Ransomware doesn't change the filenames, even by adding extensions, which could delay the victim's realization that their media isn't readable substantially.

Extracting a Snake from Your File System

Current versions of the Kryptonite Ransomware omit the ID-generating executable that victims need to receive the decryptor, which makes paying the ransom, not just risky, but guaranteed not to give any results. Although malware experts have yet to confirm whether the Kryptonite Ransomware is using an RSA-based attack (as its message asserts), free decryption is unavailable, for now. Backups are always the most secure method of keeping your files from being damaged by encryption, deletion or renaming.

The Kryptonite Ransomware isn't the only Trojan to use games to hide their real features. Previous threats with similar disguises sometimes circulate by masking their installers as being gaming software or bundling with other programs. Downloading your files from trustworthy hosts and scanning suspicious content with security software can help you detect and remove mislabeled, corrupted files. Although detection rates for this Trojan are low, malware experts still recommend updating and running anti-malware scans for uninstalling the Kryptonite Ransomware from an infected PC.

With the gaming industry in a boom and more products available at lower prices than ever, there's almost no reason to look for legally questionable gaming downloads. Stay to safe venues for your entertainment, and you'll be all the less likely to deal with ransoms from the Kryptonite Ransomware.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Kryptonite Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Related Posts

Home Malware Programs Ransomware Kryptonite Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.