Threat Database Ransomware Monaki Ransomware

Monaki Ransomware

The Monaki Ransomware is a potent malware that can be utilized as a part of attack operations targeting users' data. The threat is equipped with a sufficiently strong encryption mechanism that it uses to lock the data found on the breached devices. Files such as documents, PDFs, databases, photos, images, and many other file types will be rendered inaccessible. Typically, recovering files encrypted by ransomware threats is impossible without knowing the proper decryption key that the threat actors possess.

In addition to locking the victim's files, the Monaki Ransomware will attach 'Lock.' to the front of each file name. When it has completed its main task, the threat moves on to the delivery of its ransom note. The instructions for the victims are displayed as an image that will be placed as a new desktop background. Unlike the vast majority of ransomware out there, Monaki doesn't create a text file version of its ransom-demanding message.

The message shows clearly that Monaki Ransomware is mostly leveraged against individual users. The operators behind the threat also state that they can only be contacted on Discord. The ransom note clarifies that the attackers' Discord account is 'monak#0001.' Apparently, the ransom amount that the hackers are trying to extort from their victims is $100. However, payments will only be accepted if the money is being transferred using the Bitcoin cryptocurrency.

The full text shown as a desktop background is:

'Your files are encrypted by monaki

To decrypt your files message me on discord: monaki#0001

The price decryption is 100 USD in Bitcoin'


Most Viewed