Threat Database Ransomware Kut Ransomware

Kut Ransomware

The only family of ransomware threats that is as popular as STOP/DJVU among cybercriminals is Dharma. One of the latest threats that have been confirmed to belong to the Dharma family is Kut Ransomware. 

No significant deviations from the standard behavior of Dharma variants have been implemented into Kut. However, the threat is still extremely dangerous and can effectively lock users out from their computer systems by encrypting nearly all of their private or work files with a strong encryption algorithm. Every locked file will have its name changed significantly - the threat appends to the original filenames, a string of characters representing the ID assigned to the particular victim, followed by an email under the control of the hackers, and finally, the specific file extension used by the Kut Ransomware. The email address is '' while the extension is '.kut.' The ransom note is delivered in two separate ways - contained inside text files named 'FILES ENCRYPTED.txt' and displayed to the victim in a pop-up window. 

The text files' instructions are extremely brief, simply telling any affected users to send a message to either the '' or the secondary email address at '' The pop-up window provides a bit more details, although they are also not that useful. The message mostly consists of various warnings such as victims avoiding to rename the encrypted files or using any third-party decryption applications. 

The message from the 'FILES ENCRYPTED.txt' is:

'all your data has been locked us

You want to return?

write email or

The ransom note from the pop-up window states:


Don't worry,you can return all your files!

If you want to restore them, follow this link:email YOUR ID -

If you have not been answered via the link within 12 hours, write to us by


Do not rename encrypted files.

Do not try to decrypt your data using third party software, it may cause permanent data loss.

Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'

Related Posts


Most Viewed