'.MK File Extension' Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 80 % (High) |
Infected Computers: | 6 |
First Seen: | November 23, 2016 |
Last Seen: | August 9, 2022 |
OS(es) Affected: | Windows |
Fall of 2016 has seen a wave of ransomware Trojans that use different extensions to identify the files that are encrypted during the attack. The '.MK File Extension' Ransomware is just one of the numerous encryption ransomware Trojans being used in these attacks, all of which are variants of a ransomware Trojan known as Globe. Like most ransomware Trojans, the '.MK File Extension' Ransomware is designed to extract a ransom from the victim through the use of extortion. The '.MK File Extension' Ransomware blackmails the victims by taking their files hostage, encrypting them and making them inaccessible.
How the '.MK File Extension' Ransomware may Infect a Computer
The '.MK File Extension' Ransomware is being distributed in a corrupted spam email campaign. The '.MK File Extension' Ransomware is virtually identical to the numerous other ransomware Trojans that have been released in the span of only a few weeks. Con artists tend to update their ransomware Trojans frequently, releasing new variants to stay ahead of PC security analysts and updates to security software. The '.MK File Extension' Ransomware does not use an attack that is particularly effective. The '.MK File Extension' Ransomware is virtually identical to numerous other Trojans. The '.MK File Extension' Ransomware will infiltrate the victim's computer, encrypt the victim's files, and then demand that the victim pays a large ransom. The '.MK File Extension' Ransomware identifies the files encrypted during the attack by changing their extension to '.MK.'
The '.MK File Extension' Ransomware Targets the Windows OS
TYhe '.MK File Extension' Ransomware is designed to attack computers using the Windows operating system. The '.MK File Extension' Ransomware may be delivered in the form of a file attachment containing corrupted scripts. While most computer users expect threats to be delivered in suspicious file types, such as EXE or DLL, one of the strengths of the '.MK File Extension' Ransomware and other ransomware in this wave of attacks is that they are distributed using familiar file types such as DOCX. These corrupted Microsoft Office files exploit vulnerabilities in the application's macros, which allow them to download and install the '.MK File Extension' Ransomware while bypassing security protection on the victim's computer. Emails being used to distribute the '.MK File Extension' Ransomware may use a social engineering component, such as mimicking email communications from social media or banks, to convince computer users to open the corrupted attached file.
How the '.MK File Extension' Ransomware Executes Its Attack
The '.MK File Extension' Ransomware attack itself is typical of these infections. The '.MK File Extension' Ransomware searches the victim's computer for certain file types, targeting media files, office documents, databases, and commonly used file types. Whenever the '.MK File Extension' Ransomware finds these files, it uses a strong encryption algorithm to encrypt the file, thus making it inaccessible. The files encrypted by the '.MK File Extension' Ransomware are identified by the addition of the extension '.MK' to the end of the file's name. The '.MK File Extension' Ransomware tends to target files in the following directories:
%UserProfile%\Desktop
%UserProfile%\Downloads
%UserProfile%\Documents
%UserProfile%\Pictures
%UserProfile%\Music
%UserProfile%\Videos
Dealing with the '.MK File Extension' Ransomware's Ransom Demands
PC security analysts strongly advise computer users to avoid paying the '.MK File Extension' Ransomware ransom. The '.MK File Extension' Ransomware drops its ransom note in the form of TXT, HTA and HTML files. These ransom notes ask victims to contact the email address mkscorpion@india.com to receive the decryption key and instructions on how to pay. Unfortunately, the con artists may ignore the victim or even ask for more money, making it very risky to pay the '.MK File Extension' Ransomware ransom. Instead, computer users are advised to have backups of all files and update these backups regularly. This way, the recovery from an attack like the '.MK File Extension' Ransomware is relatively simple since computer users can reinstall their files from the backup after deleting the '.MK File Extension' Ransomware infection itself.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.