Kindest Ransomware

Kindest Ransomware Description

The Kindest Ransomware is a file encoder Trojan that is designed to lock data on your computer and provide you with an educational video on what happened with your data. There is no ransom fee — you just need to watch the video, and the Kindest Ransomware would decode the data automatically. As you can imagine, the Kindest Ransomware may have an oxymoron for a name, but it is no joke. The authors of the Kindest Ransomware dispersed the Trojan to educate users on how ransomware works and how to secure your PC against the likes of the Kindest Ransomware. However, the Kindest Ransomware is based on the HiddenTear project, which is an open-source ransomware that was published on the Github.com platform back in 2015. The Kindest Ransomware can and will encode files on your system if you are unlucky and open documents from an unknown source featuring a bad macro script.

Security researchers warn users that the Kindest Ransomware may have been programmed to lock files and force users to watch an educational video, but that does not mean it should be classified as a WhiteHat ransomware. The Kindest Ransomware is equipped with custom AES, and RSA ciphers, which prevent reverse engineering a decryptor and it may be a matter of time before its authors start collecting Bitcoins in exchange for the decryption tool. You should take into consideration that the spam campaign that released the Kindest Ransomware Trojan to users is paid for and it is not likely that the authors of the Trojan paid for the campaign out of the goodness of their hearts entirely. It is plausible that the initial release of the Kindest Ransomware was a test run for a separate version that comes with support for 'Command and Control' servers and a ransom fee in Bitcoins. Also, the page for the 'video ransom' associated with the Kindest Ransomware was brought down soon after PC users reported the Kindest Ransomware to cyber security vendors. The ransom note for the Kindest Ransomware is shown as an image, which has a white skull on the left side and the following text on the left side:

'Hello
Your computer has been infected by the Kindest Ransomware ever.
We will not take your money or anything else from you. We just want you to be more aware of ransomwares about how it works. Now watch this video while we are doing everything a ransomware does.
If you want to be more aware go to [LINK IS DEAD]'

Computer users that wish to be prepared for attacks with the Kindest Ransomware should install a credible backup utility and export backup images to an external hard drive and clod-based storage solution like Google Drive/Dropbox/Mega. You may want to add a reliable anti-spyware shield that can block unsafe links and prevent access to pages that may host the Kindest Ransomware. Reports from an analysis performed on infected devices revealed that the Kindest Ransomware might run as 'PayUp.exe' from the Temp directory. AV tools may flag the files related to the Kindest Ransomware and present warning messages featuring the following names:

  • Ransom_HiddenTearKINDEST.A
  • SCGeneric_c.OY
  • TR/FileCoder.yecpg
  • Trojan.Win32.Generic!BT
  • W32/Diztakun.AXVZ!tr
  • Win32.Trojan.Agent.FQY0CX

Infected with Kindest Ransomware? Scan Your PC for Free

Download SpyHunter's Spyware Scanner
to Detect Kindest Ransomware
* SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Site Disclaimer

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 2 + 6 ?