
Kraken Cryptor 1.5 Ransomware

By GoldSparrow in Ransomware

The Kraken Cryptor 1.5 Ransomware is an encryption ransomware Trojan that was first observed in mid-September 2018. While most ransomware Trojans are typically delivered through spam email attachments, the Kraken Cryptor 1.5 Ransomware is being delivered through a fake anti-malware program named 'SUPERAntiSpyware'. It is essential to note that, at the time of writing, the Kraken Cryptor 1.5 Ransomware itself is the supposed security program hosted on SUPERAntiSpyware's website.

A Sea Serpent that Attacks Your Files

Once the Kraken Cryptor 1.5 Ransomware has been installed on the victim's computer, it uses a strong encryption algorithm to make the victim's files inaccessible. The Kraken Cryptor 1.5 Ransomware marks the files it encrypts with the file extension '.onion'. It also renames the victim's files following a sequential number pattern: "00000000-Lock.onion," "00000001-Lock.onion," "00000002-Lock.onion," etc. The sequence restarts from zero in each new directory where the Kraken Cryptor 1.5 Ransomware encrypts the victim's data. The Kraken Cryptor 1.5 Ransomware targets the following file types in this attack:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr, .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby, .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.
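The renaming pattern described above gives responders a quick way to map which directories were hit. The following Python script is an added example, not code from the original article: it walks a directory tree, finds files named like "00000000-Lock.onion", and grades each directory by whether the numbers restart at zero and run without gaps. The function names, verdict labels and sample tree are constructed for illustration.

```python
import os
import re
import tempfile
from collections import defaultdict

# Rename pattern from the article: eight digits, then "-Lock.onion".
LOCK_NAME = re.compile(r"(\d{8})-Lock\.onion")

def scan_tree(root):
    """Return {directory: sorted sequence numbers of matching files}."""
    hits = defaultdict(list)
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            match = LOCK_NAME.fullmatch(name)
            if match:
                hits[dirpath].append(int(match.group(1)))
    return {d: sorted(seq) for d, seq in hits.items()}

def classify(seq):
    """Grade one directory against the per-directory restart at zero."""
    if seq == list(range(len(seq))):
        return "full-sequence"     # 0..n-1, no gaps: matches the description
    if seq[0] == 0:
        return "partial-sequence"  # starts at zero, gaps (files moved/deleted)
    return "name-only"             # name matches, numbering does not

def report(root):
    """Return sorted (relative_dir, file_count, verdict) rows for triage."""
    return sorted((os.path.relpath(d, root), len(seq), classify(seq))
                  for d, seq in scan_tree(root).items())

def build_sample_tree(root):
    """Constructed sample data: empty files named to mimic the pattern."""
    layout = {
        "docs": ["00000000-Lock.onion", "00000001-Lock.onion", "00000002-Lock.onion"],
        "docs/old": ["00000000-Lock.onion", "00000002-Lock.onion"],
        "tools": ["00000007-Lock.onion", "readme.txt"],
        "clean": ["report.docx", "notes-Lock.onion.txt"],
    }
    for sub, names in layout.items():
        os.makedirs(os.path.join(root, sub), exist_ok=True)
        for name in names:
            open(os.path.join(root, sub, name), "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for row in report(tmp):
            print(row)
```

Run against a mounted image or a backup share, `report()` lists the directories that need restoring; a "name-only" verdict is a weaker match and should be checked by hand.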

Victims of the Kraken Cryptor 1.5 Ransomware are alerted via a ransom note that they must pay a ransom of 0.125 Bitcoin (approximately 800 USD at the current exchange rate). The criminals are contacted via the email address shortmagnet@420blaze.it. The ransom demanded by the Kraken Cryptor 1.5 Ransomware shouldn't be paid unless there is no other option. One curious aspect of the Kraken Cryptor 1.5 Ransomware is that victims located in Iran or the Commonwealth of Independent States do not have to pay the ransom. Supposedly, sending the criminals a picture of identification or a passport will result in the return of the affected files. Needless to say, malware researchers consider it a very bad idea to let criminals have access to personal information, which could be used for additional schemes or identity theft.

Protecting Your Data from Threats Like the Kraken Cryptor 1.5 Ransomware

The best protection from threats like the Kraken Cryptor 1.5 Ransomware is to have file backups. With these backup copies of your files, there is no need to attempt to negotiate with the criminals responsible for the Kraken Cryptor 1.5 Ransomware. Since the Kraken Cryptor 1.5 Ransomware is distributed through a fake anti-virus program, it is crucial, when downloading any software, to confirm that the publisher and distributor are both reputable and that the downloaded software is legitimate.
