Spock and Captain Kirk aren't typically viewed as evil schemers. In fact, these two characters were some of the greatest heroes of "Star Trek," and were often called upon to save the day.
Unfortunately, that's one of the reasons this new form of ransomware doesn't sound so scary at first. While the ransom note that goes with it may be clever, it can still cost you a pretty penny if it's installed on your device.
What is Kirk ransomware?
When recently discovered "Kirk" ransomware takes over a device, it immediately goes to work encrypting your files. These files are converted to .kirked files, which typical software doesn't recognize. This is how the malware prevents you from opening your documents, photos, videos and more.
As with most ransomware, the only way to get your files back is to pay the fee the hackers are demanding. We say "most ransomware" because some forms of ransomware have you pay the fee even though they've already deleted all your files, and you don't find out until it's too late.
In the case of Kirk, however, a message will appear (see image below), informing you the device has been infected. It features a blurry image of Spock and Captain Kirk, and the note: Oh no! The Kirk ransomware has encrypted your files!
To get your files back, victims are asked to "beam up" some Monero - which is a form of digital currency that's similar to Bitcoin. To give you an idea of what this might cost, one Monero is currently the equivalent of $22. However, hackers typically ask for much more than one bitcoin or Monero, and these ransomware attacks can cost anywhere from a few hundred to thousands of dollars.
Cybersecurity experts have found that Kirk ransomware is written in Python using, "AES to encrypt files and RSA to encrypt the AES key." Retrieving this key is the only way decryption of the lost files is possible.
If the ransom is paid, the AES key will be provided and the victims will receive the following message: Spock to the rescue! Followed by: Live long and prosper.
By this point, however, those who've encountered the Kirk ransomware won't find these clever "Star Trek" references amusing.
How to protect yourself
So far, the Kirk ransomware has only been found on a handful of devices. And, luckily, it doesn't seem to be spreading too quickly. Still, it's just one more example of the lengths scammers are willing to go to steal your money. That said, here's how you can protect yourself:
- Back up data regularly - this is very important. It's the best way to recover your critical data if you are infected.
- Download only trusted software - make sure the software you download comes from trusted sites. Avoid third-party app stores when downloading apps.
- Make sure your backups are secure - do not connect your backups to computers or networks that they are backing up.
- Never open risky links in emails - if you get an email or notification that you find suspicious, don't click on its links. It's better to type the website's address directly into a browser. Before you ever click on a link, hover over it with your mouse to see where it is going to take you. If the destination isn't what the link claims, do not click on it.
- Have strong security software - This will help prevent the installation of ransomware on your gadget.