Threat Database Ransomware Konx Ransomware

Konx Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 3
First Seen: January 19, 2011
Last Seen: November 21, 2020
OS(es) Affected: Windows

The Konx Ransomware goal is to sneak itself onto the user's computer and then lock it up with a powerful encryption algorithm effectively. Victims will no longer be able to either access or use all of their files including documents, spreadsheets, PDFs, pictures, audio and video files. The Konx Ransomware is a new threatening crypto locker spawned from the VoidCrypt Ransomware family.

Every single file affected by the Konx Ransomware will its name changed drastically. The malware threat appends an email address belonging to the hackers, followed by a unique string of characters representing the victim's ID, and finally '.konx' as a new extension. The email address is '' Simultaneously, a text file named '!INFO.HTA' and containing instructions from the criminals responsible for unleashing the Konx Ransomware will be dropped in every folder with encrypted files inside it.

The ransom note doesn't mention the exact sum that the hackers want to extort from their victims in exchange for the decryption tool of key necessary for the restoration of the locked data. It is specified, though, that the payment must be made using Bitcoin, arguably the most popular cryptocurrency. To establish communication, victims are told to send a message to the '' and if they do not receive an answer, try the reserve email address at '' In an attempt to further scare the users into initiating contact as soon as possible, the Konx Ransomware's note mentions that after 48 hours have passed, the ransom amount will be increased.

The full text of the instructions from the hackers are:

'!!! Your Files Has Been Encrypted !!!
♦ your files has been locked with highest secure cryptography algorithm ♦
♦ there is no way to decrypt your files without paying and buying Decryption tool♦
♦ but after 48 hour decryption price will be double♦
♦ you can send some little files for decryption test♦
♦ test file should not contain valuable data♦
♦ after payment you will get decryption tool ( payment Should be with Bitcoin)♦
♦ so if you want your files dont be shy feel free to contact us and do an agreement on price♦
♦ !!! or Delete you files if you dont need them !!!
♦Your ID :-
our Email
In Case Of No Answer'


Most Viewed