The fear of cybercriminals and hackers switching to Monero has come true. The latest Monero ransomware to hit the internet takes inspiration from the popular science fiction franchise Star Trek and goes by the name “Kirk”, as in Captain James T. Kirk of the starship USS Enterprise.
A decade ago, the global success of cryptocurrencies would have seemed like something out of science fiction. But not anymore: like the robots in Isaac Asimov’s classic sci-fi, Bitcoin and other cryptocurrencies are as real as air and water. But like everything else, these cryptocurrencies come with their own set of challenges. Criminals are increasingly misusing their ease of use and the lack of a central authority controlling the digital currency, combined with a certain degree of anonymity associated with them. Bitcoin-demanding ransomware is a good example of that.
The new Kirk ransomware was discovered by Jakub Kroustek, a researcher at the cybersecurity firm Avast. According to reports, like any other ransomware, Kirk encrypts files on the infected system and demands a ransom to decrypt them back to their original form. Apart from its name, Kirk differentiates itself from the rest of the ransomware by demanding its ransom in Monero instead of Bitcoin.
According to a tech news site, the Kirk ransomware disguises itself as a popular network stress testing application, Low Orbit Ion Cannon (LOIC). Once a system is infected, Kirk encrypts about 625 different file types with an RSA-4096 encryption protocol, appending “.kirk” to the filename extension. In order to decrypt the files, the ransomware demands 50 Monero, valued at over $1000. The ransom doubles to 100 Monero after two days, then rises to 200 on the 8th day and to 500 from the 15th day till the month end. If the ransom isn’t paid within 30 days, the password decryption key will be permanently deleted, rendering the files inaccessible forever.
Once the victim makes the ransom payment, they will be provided with a decryption program. Keeping up with the Star Trek reference, the decryption tool is named after the character, Spock.
Unlike Bitcoin, Monero transactions are virtually untraceable due to the use of the CryptoNote protocol. Security experts had predicted its adoption by cybercriminals and dark net vendors, which has now come true in the form of Kirk.
For internet users, irrespective of the kind of ransom demanded by the ransomware, safe internet practices can save them from the whole ordeal. Keeping software updated, using cybersecurity tools, downloading software only from reliable sources and ignoring attachments from unknown senders will keep them away from trouble.
Ref: HotHardware