KICK Ransomware

There are new ransomware threats rearing their ugly heads daily as more and more cybercriminals try their luck with making a quick buck by blackmailing innocent users. One of the newest file-locking Trojans to emerge is the KICK Ransomware. When analyzed, the KICK Ransomware revealed that it is a variant of the infamous Dharma Ransomware.

Compromising Your PC

Malware researchers have not yet determined what infection vectors are involved in the spreading of the KICK Ransomware. Some believe that mass spam email campaigns, infected pirated applications, and bogus software updates might be some of the propagation methods used in the spreading of the KICK Ransomware, as these are among the most popular infection vectors used by cybercrooks. If the KICK Ransomware manages to compromise your system, it will begin a scan whose goal is to identify and locate the data, which will be selected for encryption. Next, the KICK Ransomware will start locking the targeted files. The KICK Ransomware will add an extension to the names of the newly locked files. The extension added is ‘.id-.[mstr.hack@protonmail.com].KICK’ and follows the naming pattern of most ransomware threats, which belong to the Dharma Ransomware family.

The Ransom Note

Next, the data-encrypting Trojan will drop a ransom note. Most Dharma Ransomware variants’ ransom notes are named ‘FILES ENCRYPTED.txt’ or ‘info.hta’ so that it is likely that the KICK Ransomware too has followed in their steps. There is an email provided for the victim where the authors of this threat expect to be contacted to give further instructions – ‘mstr.hack@protonmail.com.’

We would recommend you strongly not to contact the authors of the KICK Ransomware because negotiating with cyber crooks rarely gives any positive results. A much safer option is to obtain a reputable anti-malware application, which will wipe off the KICK Ransomware from your system and keep it secure from future attacks.