'.MK File Extension' Ransomware
Posted: November 23, 2016
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 8/10 |
|---|---|
| Infected PCs: | 14 |
| First Seen: | November 23, 2016 |
|---|---|
| Last Seen: | August 9, 2022 |
| OS(es) Affected: | Windows |
The '.MK File Extension' Ransomware is a Trojan that blocks your files to force you into paying money for recovering them. Its attacks carry the traditional signals of a file-encrypting Trojan's infection, such as ransom messages, wallpaper hijackings and changes to extensions. PC operators already compromised can delete the '.MK File Extension' Ransomware with anti-malware tools and use a variety of recovery options to save their files.
A Stable of Trojans Seen Around the Globe
It seems that many con artists prefer to rent preexisting software or use freeware resources instead of taking the time to develop personal projects, as malware experts are witnessing with the continuing popularity of the Globe Ransomware. Derivations of this family, like the '.MK File Extension' Ransomware, conduct consistent sets of file-encrypting attacks while changing aesthetic and communication details to re-brand the Trojan. The '.MK File Extension' Ransomware is only one of the newest samples confirmed to be in distribution, following the path already created by others like the '.duhust Extension' Ransomware.
The '.MK File Extension' Ransomware's core function scans for files of types within a set list, such as DOC-based documents or JPG pictures. The '.MK File Extension' Ransomware encrypts that content with a cipher (based on Blowfish, rather than the much more widespread AES) and places a new '.MK' extension after any old extensions in the names. The attack blocks your data until you can decrypt or replace it, which gives the '.MK File Extension' Ransomware's threat actors an opportunity to make ransom money.
The '.MK File Extension' Ransomware generates extortion demands through its generated text files and its wallpaper image, which it hijacks the desktop background to display. Since malware analysts find the '.MK File Extension' Ransomware's family often capable of deleting default backups either partially or entirely, victims without any backups may not have any recovery options besides paying the ransom and hoping that the threat actors keep to their word.
Getting Rid of a Globe of Trojan Profiteering
The '.MK File Extension' Ransomware uses different extensions and contacts from past versions of the Globe Ransomware, but malware experts find no cases of its exerting any unusual, new features. Backups kept on drives not accessible to a Trojan attack (such as a password-protected server) should maintain their past efficiency at giving victims data recovery options without decryption. If decryption is needed, you should test free Globe Ransomware-specialized decryptors before resorting to rewarding these people with your money.
The '.MK File Extension' Ransomware may try to disable essential Windows features, such as the Startup Repair. PC users familiar with safe-reboot procedures, such as Safe Mode, should use them to disable most threats and let their anti-malware programs remove the '.MK File Extension' Ransomware during a system scan. In most cases, the original infection is detectable due to the changes in file names, wallpaper-hijackings and pop-up ransom messages.
The increase in activity from third-party threat actors makes it difficult to predict attacks like the '.MK File Extension' Ransomware's campaign. However, malware experts find that all network-accessible PCs can benefit from having standardized defenses, such as disabling scripts and analyzing downloads for potential threats.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.