Now this is a just a low blow. A new strain of ransomware called “Kirk” is in the wild. Unlike most strains, this one uses Monero instead of Bitcoin for payment. Once you do pay, it provides a decryptor called “Spock”. The bad news, it doesn’t look like the ransomware can actually do the decryption at this point, so they are effectively dragging poor Spock’s name through the mud. That’s just wrong! It does have a cool ASCI art ransom screen though
The good news? It looks like it’s being spread by passing itself along as a copy of LOIC (Low Orbit Ion Cannon), so if you aren’t dorking around with tools like that, you should be ok.
So help me, if they do something like this based on a Firefly theme, I’m going to hunt them down and smack them up side the melon by myself.
Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in InfoSec