A malware researcher at Avast has discovered a novel strain called Kirk Ransomware. The developers named the malware after Captain Kirk of Star Trek fame, and images that accompany the malicious software show ASCII art of William Shatner (who played Kirk) and Leonard Nimoy (who portrayed Spock).
No one has witnessed this malware in the wild yet, but it has two interesting attributes that make it worth keeping an eye on.
Ransomware-as-a-Service (RaaS) Leads to Branding
RaaS is a relatively new concept in ransomware where developers sell subscriptions to their malware. Distributors pay a fee to the developers in exchange for access to the ransomware. In addition to the fee, distributors also pay a percentage of their profits back to the developers.
You may wonder why a developer would go through the trouble of branding their malicious software. While many developers don’t bother to name their malware at all, the developers of Kirk may be thinking bigger. They could be positioning their malware, driving name recognition as a marketing tool.
After all, what better way to sell more subscriptions to your ransomware than to associate it with a famous brand? In this case, the developers have hitched their ransomware to a sci-fi hero whose image resonates with generations of people around the world.
If the ransomware was called simply Lockercrypt, no one would be talking about it (except for victims, of course). Because of its Star Trek theme, it’s in the news. Because it’s in the news, distributors will be more likely to buy a subscription to it if it becomes available.
Kirk Ransom Note Demands Monero Payment
The other unusual aspect of Kirk ransomware worth noting is its insistence on Monero instead of Bitcoin. Monero is similar to Bitcoin, but it is much harder to trace. Law enforcement agencies have had some success in tracking Bitcoin users, so the change to Monero could help shield distributors from legal trouble.
Protect Your Data From Kirk Ransomware and Other Malware
Kirk’s combination of brand recognition and secure payment could make it very attractive to distributors who are looking for ready-made ransomware. If nothing else, the novel ransomware demonstrates how prolifically programmers are creating new malware on a daily basis.
Keeping your operating system and software updated prevents distributors from attacking vulnerabilities on your computer. Never clicking on suspicious links or attachments is also mandatory in the current climate. Most important of all, regularly backing up data gives you the option to wipe your computer or device if ransomware infects it.
We are all boldly going into the future, where no man has gone before. A little common sense and good internet practices will keep us from being victims.