King Engine Ransomware

King Engine Ransomware Description

The King Engine Ransomware is the name given by the hackers themselves to a new ransomware variant based on the Hentai OniChan Ransomware. The King Engine Ransomware name and the image used as a background when displaying the ransom note are taken from a popular Japanese anime called 'One Punch Man.' Although the appearance of this threat may not sound that serious, the King Engine Ransomware is a threatening crypto locker that could cause massive damage to any computer it manages to infiltrate.


This Week In Malware Episode 31 Part 2: Fake COVID19 Test Results Phishing Emails Spread King Engine Ransomware Threat

This particular threat is being propagated through phishing emails. The hackers are attempting to profit from the global COVID-19 pandemic by designing these emails to appear as if they are carrying the user's test results for the virus. This is just a pretense to encourage the victims to execute the attached PDF or HTML files, resulting in the King Engine Ransomware being dropped onto the computer.

Compared to the previous variant of the Hentai OniChan Ransomware called Bersek, the King Engine Ransomware is far more advanced due to it having several new threatening features. The most threatening one is the King Engine Ransomware Ransomware's added functionality to exfiltrate data from the compromised computer to the Command-and-Control infrastructure of the hackers. The data theft is executed before the start of the encryption process.

The instructions for the victims are presented in an image delivered by the threat. According to the ransom note, the criminals want the 'insignificant' sum of 50 BTC (Bitcoin) to be sent to the provided cryptocurrency wallet address. Bitcoin's price does fluctuate significantly, but at the current exchange rate, the amount demanded by the hackers exceeds $750,000. After making the payment, affected users are expected to send an email to the 'hidalgorobertto859@gmail.com.' A time limit of 30 days is set for the transaction to be completed.

Paying such an exorbitant amount of money is out of the question for the majority of computer users, especially under the current circumstances of living in a global pandemic.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.


HTML is not allowed.