Alka Ransomware

Alka Ransomware Description

The newest copy of the infamous STOP Ransomware has been dubbed Alka Ransomware. Just like most threats of this kind, the Alka Ransomware will encrypt all the victim’s data – images, videos, audio files, documents, presentations, databases, archives, etc. The more data a ransomware threat locks, the more likely it is for the user to pay the fee demanded by the attackers.

Propagation and Encryption

Spam emails are the most likely infection vector used in the spreading of the Alka Ransomware. Targeted users would receive an email containing a bogus message and a corrupted attached file that would infect their system once it is launched. Other tricks that cyber crooks often use to propagate ransomware threats include torrent trackers, pirated variants of popular applications, software updates, malvertisement, etc. The Alka Ransomware would make sure to lock the files present on the compromised system using an encryption algorithm. The Alka Ransomware adds a new extension to the locked files’ names – ‘.alka.’ Therefore, a file that was named ‘spring-morning.mp3’ initially will be renamed to ‘spring-morning.mp3.alka.’

The Ransom Note

Once the encryption process is completed, the Alka Ransomware would proceed with the attack by dropping a ransom note on the infected system. The note is named ‘_readme.txt.’ In the ransom note, the creators of this nasty Trojan state that users who have fallen victim to this threat have to pay $980 if they want to receive the decryption key they need. However, victims who contact the attackers within 72 hours would receive a 50% discount, which drops the price to $490. As proof that the attackers have a working decryption tool, they offer the user to send them one file that they will decrypt free of charge. The creators of the Alka Ransomware have provided two email addresses as a means of contacting them – ‘helpmanager@iran.ir’ and ‘helpmanager@firemail.cc.’

It is not good to get in touch with the authors of the Alka Ransomware. Needless to say, cybercriminals are not trustworthy individuals, and even users who pay the fee demanded are likely never to receive the decryption key they had been promised. This is why you should consider removing the Alka Ransomware from your computer with the help of a reputable anti-virus software suite that will also go a long way to keep your system safe in the future.

Related Posts

2 Comments

  • Bucsa Lucian:

    What software can I use from here to repair infected Word documents with Alka virus ?

    • GoldSparrow:

      You can utilize SpyHunter to eliminate the Alka Ransomware threat, which will then allow you to restore files from a backup and keep other files from being damaged or encrypted.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.


HTML is not allowed.