
Kodg Ransomware

Ransomware threats were undoubtedly among the most popular threats of 2019. Thousands of users worldwide have fallen victim to them and lost their data permanently. Data-locking Trojans are particularly nasty because they encrypt all your data and then blackmail you into paying to get it back. One of the newest ransomware threats to be spotted has been named Kodg Ransomware. It belongs to the most active ransomware family of 2019, the STOP Ransomware family.

Propagation and Encryption

The specific infection vectors used to spread the Kodg Ransomware have not yet been pinpointed. Some believe that the authors of the Kodg Ransomware may be using spam email to propagate this Trojan. In that case, targets would receive an email with a fraudulent message that tries to induce the user to open the attached, macro-laced file; as soon as the file is launched, it compromises the targeted system. Other methods could include fake pirated variants of popular applications, torrent trackers, bogus updates, etc.

If the Kodg Ransomware compromises your system, it will target data including images, audio files, presentations, spreadsheets, videos, databases, archives, etc. The goal of this ransomware threat is to cause as much damage as possible, because this raises the chances of the victim paying the ransom fee demanded by the attackers. When the Kodg Ransomware encrypts a targeted file, it alters its name by appending a ‘.kodg’ extension to the file name. For example, an audio file named ‘black-stool.mp3’ will be renamed to ‘black-stool.mp3.kodg’ and will no longer be playable.

The Ransom Note

Right after completing the encryption process, the Kodg Ransomware drops its ransom note on the victim’s desktop. Just like with most variants of the STOP Ransomware, the Kodg Ransomware’s ransom note is named ‘_readme.txt’. The attackers state that they demand a ransom fee of $980. However, users who get in touch with them within 72 hours will receive a 50% discount, meaning that the ransom fee will be dropped to $490. The creators of the Kodg Ransomware offer to decrypt one file free of charge. This is a common technique used by authors of data-locking Trojans. The goal is to convince the victims that the attackers are capable of reversing the damage that has been done to their data. Two email addresses are provided: ‘restorealldata@firemail.cc’ and ‘gorentos@bitmessage.ch’. This is where the victim is expected to contact the attackers and receive further instructions.

Avoid any contact with cyber crooks. These individuals are not to be trusted. More often than not, they will not deliver on their promises but will be more than happy to take your money. This is why you should download and install a reputable anti-malware application and use it to remove the Kodg Ransomware from your computer completely. If you wish, you can also try to recover some of the lost files using external data-recovery software, but it is not likely that you will be satisfied with the results.
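
The two on-disk indicators described above (the ‘.kodg’ extension and the ‘_readme.txt’ note) are enough to inventory the damage on an affected machine before cleanup or recovery attempts. The following Python script is an added example, not part of the original article; the function names and the sample directory tree are constructed for illustration.

```python
import os
import tempfile
from collections import Counter

# Indicators taken from the article above.
ENCRYPTED_EXT = ".kodg"
NOTE_NAME = "_readme.txt"


def triage(root):
    """Walk `root` and inventory files carrying the Kodg indicators.

    Returns a dict with the encrypted files, the ransom-note paths and a
    count of affected files grouped by their original extension.
    """
    encrypted, notes, by_type = [], [], Counter()
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            lower = name.lower()  # Windows file names are case-insensitive
            if lower == NOTE_NAME:
                notes.append(path)
            elif lower.endswith(ENCRYPTED_EXT) and len(name) > len(ENCRYPTED_EXT):
                original = name[: -len(ENCRYPTED_EXT)]  # e.g. black-stool.mp3
                ext = os.path.splitext(original)[1].lower() or "(none)"
                by_type[ext] += 1
                encrypted.append(path)
    return {"encrypted": sorted(encrypted), "notes": sorted(notes),
            "by_type": dict(by_type)}


def build_sample_tree(root):
    """Create a constructed sample tree (empty files, no real data)."""
    layout = ["Desktop/_readme.txt", "Music/black-stool.mp3.kodg",
              "Docs/report.xlsx.kodg", "Docs/notes.txt", "Docs/slides.PPTX.KODG"]
    for rel in layout:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        result = triage(tmp)
        print(f"{len(result['encrypted'])} encrypted, {len(result['notes'])} note(s)")
        for ext, n in sorted(result["by_type"].items()):
            print(f"  {ext}: {n}")
```

A file named ‘_readme.txt’ can also be unrelated to this threat, so treat a note as a Kodg indicator only when ‘.kodg’ files are found as well.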
