Ke3q Ransomware

By GoldSparrow in Ransomware

Recently, experts spotted a newly emerged ransomware threat, which they called the Ke3q Ransomware. When they dissected this threat, malware researchers found that it belongs to the small ransomware family of the B2DR Ransomware.

It is not fully certain how the Ke3q Ransomware is being spread, but it is believed that the attackers employ faux software updates, pirated content, and spam email campaigns to propagate it.

When the Ke3q Ransomware manages to sneak into a computer, it begins the attack with a scan of the data kept on the machine. That way, the Ke3q Ransomware locates all the files it will later encrypt. When this is completed, the Ke3q Ransomware starts its encryption process and locks all the files it targets. After going through the Ke3q Ransomware's encryption, the files will not only be unusable but also have their names changed. The Ke3q Ransomware adds the '.ke3q' extension to the files it locks. This means that if you had a file called 'chocolate.mp3', the Ke3q Ransomware will change it to 'chocolate.mp3.ke3q'.

When the encryption process is through, the Ke3q Ransomware proceeds to drop its ransom note, called 'Readme.txt'. The note starts with 'HOW TO GET MY FILES BACK?' Then, the attackers instruct the victims to download and install the Tor Browser. This is a browser designed to give access to the Dark Web specifically, which no other browser can do. Most cybercrime-related activities are carried out on the Dark Web as it offers a level of anonymity, which the regular Web does not. The attackers provide a link, which the user is meant to open with the help of the Tor Browser. Then, they state that after opening the provided link, the user will receive further instructions. The authors of the Ke3q Ransomware also give out a Bitmessage contact: NBagPL1pc8yKDocYNB95XJArzuV19GzS.
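The file-level indicators described above (the '.ke3q' suffix and a 'Readme.txt' note opening with 'HOW TO GET MY FILES BACK?') can be checked for across a directory tree to scope which folders were hit. The Python script below is an added example, not part of the original article; its function names, the case-insensitive matching and the sample tree are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

EXT = ".ke3q"                               # suffix the article says is appended
NOTE_NAME = "readme.txt"                    # note name from the article, matched case-insensitively (assumption)
NOTE_HEADER = "HOW TO GET MY FILES BACK?"   # opening line of the note per the article

def is_ransom_note(path):
    """True only if a Readme.txt actually opens with the quoted header."""
    if path.name.lower() != NOTE_NAME:
        return False
    try:
        with open(path, "r", encoding="utf-8", errors="replace") as fh:
            head = fh.read(512)
    except OSError:
        return False                        # unreadable file: not confirmed as a note
    return head.lstrip("\ufeff \t\r\n").upper().startswith(NOTE_HEADER)

def triage(root):
    """Walk root; return {directory: {"locked": [...], "notes": [...]}} for hits only."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        locked, notes = [], []
        for name in files:
            if name.lower().endswith(EXT) and len(name) > len(EXT):
                locked.append(name[:-len(EXT)])      # pre-encryption name
            elif is_ransom_note(Path(dirpath) / name):
                notes.append(name)
        if locked or notes:
            report[dirpath] = {"locked": sorted(locked), "notes": sorted(notes)}
    return report

def build_sample(root):
    """Constructed sample tree (not real victim data) for an offline run."""
    music, docs = Path(root, "music"), Path(root, "docs")
    music.mkdir(); docs.mkdir()
    (music / "chocolate.mp3.ke3q").write_bytes(b"\x00" * 16)
    (music / "Readme.txt").write_text("HOW TO GET MY FILES BACK?\n(constructed sample)\n")
    (docs / "Readme.txt").write_text("Project readme, unrelated to the threat.\n")
    (docs / "report.txt").write_text("ordinary file\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for directory, hits in triage(tmp).items():
            print(directory, hits)
```

Checking the note's opening line, not just its name, keeps ordinary 'Readme.txt' files from being counted as ransom notes.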

We recommend that you do not get involved with cybercriminals in any shape or form. Do not contact them or pay them. They are not trustworthy individuals and will likely trick you. Instead, you should download and install a reputable anti-malware tool and use it to clean this nasty threat from your machine.

