AngryKite Ransomware

The AngryKite Ransomware is a ransomware Trojan first observed in April of 2017. The AngryKite Ransomware seems to be a variant of the Krider Ransomware, which uses a similar attack and has similar characteristics. The AngryKite Ransomware seems to be a fairly standard ransomware Trojan designed to infect computers using the Windows operating system. It is likely that the AngryKite Ransomware spreads through corrupted email attachments that infect the victims' computers with threats through the use macro scripts. The AngryKite Ransomware represents a threat to computers, and PC security researchers strongly advise taking precautionary measures against this and other threats.

How the AngryKite Ransomware may Infect a Computer

The AngryKite Ransomware is installed in the AppData directory. As soon as the AngryKite Ransomware is installed, the AngryKite Ransomware scans the victim's computer for certain file types. The AngryKite Ransomware will encrypt all files matching a list of 166 file types in its configuration files. The AngryKite Ransomware will target files on all local storage devices, as well as on network storage to which it may have access. The following file types are targeted in the AngryKite Ransomware attack:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .arw, .as, .as3, .asf, .asp, .asx, .avi, .bay, .bmp, .c, .cdr, .cer, .class, .cpp, .cr2, .crt, .crw, .cs, .csv, .db, .dbf, .dcr, .der, .dng, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .dxg, .efx, .eps, .erf, .fla, .flv, .html, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .kdc, .log, .m3u, .m3u8, .m4u, .max, .mdb, .mdf, .mef, .mid, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .mrw, .msg, .nef, .nrw, .odb, .odc, .odm, .odp, .ods, .odt, .orf, .p12, .p7b, .p7c, .pdb, .pdf, .pef, .pem, .pfx, .php, .plb, .pmd,.png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .pst, .ptx, .r3d, .ra, .raf, .rar, .rar, .raw, .rb, .rtf, .rw2, .rwl, .sdf, .sldm, .sldx, .sln, .sql, .sr2, .srf, .srw, .svg, .swf, .tif, .txt, .vcf, .vob, .vob, .wav, .wb2, .wma, .wmv, .wpd, .wps, .x3f, .xla, .xlam, .xlk, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .zip.

The AngryKite Ransomware changes the affected files' names by adding the extension '.NumberDot' and replacing the files' names with random characters. The AngryKite Ransomware delivers its ransom notification in the form of a program window named 'Warning' and asks victims to call a phone number. This is different from most ransomware Trojans, which ask the victims to contact the con artists through email or by connecting to a TOR website. The following is the ransom message displayed in the AngryKite Ransomware's ransom note:

'WARNING: SYSTEM MAY HAVE FOUND anonymous encryption on your computer. You would not be able to access the files on your computer. Your System May have Found (2) Malicious Viruses Rootkit.Encrypt & Trojan.Spyware Your Personal & Financial information MAY NOT BE SAFE Your system has encryption ransomware which may permanently encrypt your data Please call immediately to avoid further damage Toll free 1-855-545-6800'

Dealing with the AngryKite Ransomware Infection

The AngryKite Ransomware is designed to infect the victim's computers and make their files inaccessible completely. The files encrypted by the AngryKite Ransomware cannot be recovered without the decryption key. This is why PC security researchers strongly advise computer users to take precautionary measures to deal with the AngryKite Ransomware. Use a security program to protect your computer and intercept infections like the AngryKite Ransomware. Most importantly, it is essential to have backup copies of all files. Having backup copies of your files, the con artists will not be able to pressure you into paying a large ransomware. Having the ability to restore the affected files by deleting them and copying the backup makes computer users invulnerable to attacks like the AngryKite Ransomware completely. In fact, if having offline backups becomes standard, then infections like the AngryKite Ransomware will become ineffective completely and may become very uncommon eventually.