Free Phone Consultation For New Clients | CONTACT NOW

Koxic Ransomware Being Distributed in Korea

A team of researchers has discovered a new strain of ransomware that encrypts files and demands a ransom of up to $10,000 (£7,500) for the safe return of the files.

The team from Korea's AhnLab discovered the ransomware, which they have named Koxic, and have already been able to successfully decrypt files that were taken over.

They also found that the ransomware has been preying on Korean-speaking victims. The ransomware doesn't encrypt files in other languages and is triggered by a single file named "Nalog".

The team also found that once it has infected a computer, it deletes backup copies of files and changes the desktop wallpaper to display a message explaining how to pay the ransom.

Targets are often young users and novice computer users who use backup software, a key to ensuring the Koxic ransomware can propagate itself.

So far, Koxic looks to be specifically targeting Korea. It does not, however, appear to have spread beyond that country. The AhnLab team is working with researchers from Western countries on ways of preventing the infection from spreading online.

Source: Koxic Ransomware Being Distributed in Korea - AlienVault - Open Threat Exchange

Need secure managed IT for your business?