Threat Database Ransomware '.MK File Extension' Ransomware

'.MK File Extension' Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 80 % (High)
Infected Computers: 6
First Seen: November 23, 2016
Last Seen: August 9, 2022
OS(es) Affected: Windows

Fall of 2016 has seen a wave of ransomware Trojans that use different extensions to identify the files that are encrypted during the attack. The '.MK File Extension' Ransomware is just one of the numerous encryption ransomware Trojans being used in these attacks, all of which are variants of a ransomware Trojan known as Globe. Like most ransomware Trojans, the '.MK File Extension' Ransomware is designed to extract a ransom from the victim through the use of extortion. The '.MK File Extension' Ransomware blackmails the victims by taking their files hostage, encrypting them and making them inaccessible.

How the '.MK File Extension' Ransomware may Infect a Computer

The '.MK File Extension' Ransomware is being distributed in a corrupted spam email campaign. The '.MK File Extension' Ransomware is virtually identical to the numerous other ransomware Trojans that have been released in the span of only a few weeks. Con artists tend to update their ransomware Trojans frequently, releasing new variants to stay ahead of PC security analysts and updates to security software. The '.MK File Extension' Ransomware does not use an attack that is particularly effective. The '.MK File Extension' Ransomware is virtually identical to numerous other Trojans. The '.MK File Extension' Ransomware will infiltrate the victim's computer, encrypt the victim's files, and then demand that the victim pays a large ransom. The '.MK File Extension' Ransomware identifies the files encrypted during the attack by changing their extension to '.MK.'

The '.MK File Extension' Ransomware Targets the Windows OS

TYhe '.MK File Extension' Ransomware is designed to attack computers using the Windows operating system. The '.MK File Extension' Ransomware may be delivered in the form of a file attachment containing corrupted scripts. While most computer users expect threats to be delivered in suspicious file types, such as EXE or DLL, one of the strengths of the '.MK File Extension' Ransomware and other ransomware in this wave of attacks is that they are distributed using familiar file types such as DOCX. These corrupted Microsoft Office files exploit vulnerabilities in the application's macros, which allow them to download and install the '.MK File Extension' Ransomware while bypassing security protection on the victim's computer. Emails being used to distribute the '.MK File Extension' Ransomware may use a social engineering component, such as mimicking email communications from social media or banks, to convince computer users to open the corrupted attached file.

How the '.MK File Extension' Ransomware Executes Its Attack

The '.MK File Extension' Ransomware attack itself is typical of these infections. The '.MK File Extension' Ransomware searches the victim's computer for certain file types, targeting media files, office documents, databases, and commonly used file types. Whenever the '.MK File Extension' Ransomware finds these files, it uses a strong encryption algorithm to encrypt the file, thus making it inaccessible. The files encrypted by the '.MK File Extension' Ransomware are identified by the addition of the extension '.MK' to the end of the file's name. The '.MK File Extension' Ransomware tends to target files in the following directories:

%UserProfile%\Desktop
%UserProfile%\Downloads
%UserProfile%\Documents
%UserProfile%\Pictures
%UserProfile%\Music
%UserProfile%\Videos

Dealing with the '.MK File Extension' Ransomware's Ransom Demands

PC security analysts strongly advise computer users to avoid paying the '.MK File Extension' Ransomware ransom. The '.MK File Extension' Ransomware drops its ransom note in the form of TXT, HTA and HTML files. These ransom notes ask victims to contact the email address mkscorpion@india.com to receive the decryption key and instructions on how to pay. Unfortunately, the con artists may ignore the victim or even ask for more money, making it very risky to pay the '.MK File Extension' Ransomware ransom. Instead, computer users are advised to have backups of all files and update these backups regularly. This way, the recovery from an attack like the '.MK File Extension' Ransomware is relatively simple since computer users can reinstall their files from the backup after deleting the '.MK File Extension' Ransomware infection itself.

Trending

Most Viewed

Loading...