If you have been recently attacked by a ransomware, then chances are that it maybe KwaakLocked ransomware. It is an open sourced ransomware which means it was developed and distributed online by its creators so others can modify it accordingly and utilize it for nefarious purposes.
Security analysts in ransomware removal industry first found it in mid 2015. This virus resembles another popular ransomware RabboLock ransomware but it is distinctive enough in its operation to be separated from RabboLock. The target audience of KwaakLocked has been primarily Korean and it has attacked 96 devices so far.
So how KwaakLocked does encrypts your files? According to a security analyst of ransomware removal, it infects your computer files and blocks access to them through encryption with a powerful cryptographic cipher known as AES-256 algorithm. After blocking access to the files, KwaakLocked changes their extenstion to “kwaaklocked” with the addition of a text file containing information related to ransom.
The files that are at risk of encryption through AES-256 include all types of multimedia and text processing data formats including images, audios, videos, power points, spreadsheets and documents.
How it Attacks?
KwaakLocked exploits your system quietly without any authorization from your side. Unfortunately it can attack any computer easily as it can spread via a lot of sources, according to security analysts working with KwaakLocked ransomware removal cases. It spreads through email attachments, P2P (Peer to Peer) file transfer, freeware and website links.
How does it Demand Ransom?
After infecting your computer, the ransomware blocks all the files immediately. It then adds a text file into your computer to communicate with you about the threats and demand a huge sum of money as ransom. If you will try to click on your files, your wallpaper will begin to change and the hackers will blackmail you to pay. Most probably, the ransom asked will be a number of Bitcoins. Bitcoin has become a common factor in ransomware