KoKo Locker Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 100 % (High) |
Infected Computers: | 5 |
First Seen: | December 26, 2016 |
Last Seen: | August 17, 2022 |
OS(es) Affected: | Windows |
The 'KoKo Locker' Ransomware is a Trojan that is used to encrypt the victims' files. The 'KoKo Locker' Ransomware is an encryption ransomware Trojan. Essentially, the 'KoKo Locker' Ransomware encrypts the victims' files to demand ransom in exchange for the decryption key. PC security researchers strongly advise computer users to avoid paying the 'KoKo Locker' Ransomware ransom and take preemptive measures to be protected against these attacks.
The After Effects of a 'KoKo Locker' Ransomware Infection
The 'KoKo Locker' Ransomware may be delivered using corrupted email attachments. Once the 'KoKo Locker' Ransomware has carried out its attack, the 'KoKo Locker' Ransomware displays the following ransom note:
'--- KoKoKrypt ---
All of your personal data got encrypted by KokoKrypt!
To unlock all your data of this computer, you have to do the following steps:
1. Get a Bitcoin Wallet
2. Get 0.1 BTC on it
3. Put your BTC Address below
4. Wait for decryption process
Payment may be delayed for 24/48 hours, so don't worry! You have 78h to pay!
After 78h, KoKoKrypt will uninstall itself and leave your files encrypted!
button "Pay using Bitcoin"
The 'KoKo Locker' Ransomware represents a real danger to the victims' files and wallets. The 'KoKo Locker' Ransomware essentially uses a strong encryption algorithm to take over the victim's computer and the files hostage. It then demands the payment of the ransom, as can be observed in the ransom note above. Even if one pays the ransom, it is unlikely that the people responsible for the 'KoKo Locker' Ransomware attack will help computer users recover their files.
How the 'KoKo Locker' Ransomware Attack Works
As soon as the 'KoKo Locker' Ransomware enters a computer, it begins encrypting the victim's files. The 'KoKo Locker' Ransomware does not need to establish a connection to its Command and Control server to begin encrypting the victim's files. The 'KoKo Locker' Ransomware uses the AES-256 and RSA encryption to make the victim's files completely inaccessible. The decryption key necessary to regain access to the files is stored on a remote server, inaccessible to the victim. The 'KoKo Locker' Ransomware tends to encrypt numerous files, including media files, databases, spreadsheets, text and office documents, pictures, eBooks, and numerous others. The files that have been compromised during the 'KoKo Locker' Ransomware attack will have the extension '.kokolocker,' making it simple to know which files have become encrypted.
Dealing with a 'KoKo Locker' Ransomware Infection
The 'KoKo Locker' Ransomware ransom of 0.1 BitCoin (approximately $90 USD at the current exchange rate) is not particularly high when compared to other ransomware Trojans. However, there is no guarantee that the people responsible for the 'KoKo Locker' Ransomware will keep their word and deliver the decryption key once the ransom is paid. They are just as likely to ask for more money or ignore the victim altogether. The claim that the files will be removed after 78 hours is probably not true, designed only to cause computer users to panic and take a rash decision.
The best way to deal with the 'KoKo Locker' Ransomware and other ransomware Trojans is to take preemptive action. Computer users should ensure that they have backups of all files stored on the cloud or an external memory device. Today, storage space is cheaper than it has ever been and having backups of important files is free, or only a tiny fraction of the cost of recovering from an attack like the 'KoKo Locker' Ransomware. Most importantly having a backup of all files makes computer users invulnerable to attacks like the 'KoKo Locker' Ransomware since con artists have no leverage to ask for a ransom payment if computer users can simply recover their files from the backup. Computer users also can intercept the 'KoKo Locker' Ransomware with a reliable security program that is fully up-to-date.
SpyHunter Detects & Remove KoKo Locker Ransomware
File System Details
# | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|---|
1. | file.exe | dbac4f4e6c9ef15ccda593ced4408b17 | 1 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.