CATEGORIES
home News

Star Trek-Themed ‘Kirk’ Ransomware Beams Down With 'Spock' Decryptor

by Brandon HillFriday, March 17, 2017, 11:16 AM EDT

Set phasers to stun! New ransomware is making the rounds today, and it is adopting a Star Trek theme. Avast researcher Jakub Kroustek is credited with tracking down the Kirk ransomware, which wreaks havoc by encrypting your precious files and demanding payment to get those files back.

Unlike other ransomware, which often demands payment in the form of Bitcoins, Kirk instead insists that you fork over Monero, a cryptocurrency that is based on the CryptoNote protocol. According to BleepingComputer, this is the first ransomware to be tied to Monero.

kirk ransomware

“The problem is that [Monero] is only going to confuse victims even more,” writes BleepingComputer. “By introducing a new cryptocurrency into the mix, victims are just going to become more confused and make paying ransoms even more difficult.”

Kirk finds its way onto PCs by disguising itself as a popular network stress testing application called Low Orbital Ion Cannon (LOIC). After LOIC (which carries the filename loic_win32.exe) is activated, Kirk will then generate an AES password (which is encrypted with an RSA-4096 public encryption key) that encrypts files on the target PC.

Kirk currently will encrypt 625 different file types, and will append .kirk to the end of any file that matches.

kirk ransomware

So, how do you get your files back? Well, the ransom is 50 Monero (just over $1,100) if you pay within two days. If the ransom is not paid within that two-day time frame, the ransom doubles to 100. It doubles again to 200 during days 8 through 14, and rises to 500 Monero on days 15 through 30. If you haven’t paid the ransom after 31 days, the password decryption key is permanently deleted — that also means that your files will boldly go where no man has gone before.

If you do choose to pay the ransom, the Stark Trek references continue, as you will [allegedly] be provided with a program called “Spock” that will decrypt your files.

There are currently no known infections of Kirk that have been reported at this time, but be careful out there lest you become the first redshirt to bite the dust.

(Images Courtesy: Jakub Kroustek/Twitter)

Tags:  Ransomware, spock, kirk, monero
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment