Are you seeing files, documents, and images on your PC that have a .kupidon extension? Then it is likely that your computer has already been infected with ransomware called Kupidon. This ransomware is a malicious entity that encrypts the files and documents on a victim’s device. Once it begins its attack, it displays an error message that offers to decrypt the files of the victim once payment in Bitcoin has been made.
Find out more about this ransomware below:
What is Kupidon Ransomware?
You may be asking right now, what can Kupidon ransomware do? What’s the worse that could happen once your device has been infected? How did your PC get infected in the first place?
Kupidon is simply a type of file-encrypting ransomware that limits a victim’s access to data by encrypting them with the .kupidon extension. To regain access, hackers will demand a ransom amount in the form of Bitcoin.
Once your PC is infected, it will immediately scan your system for any important files, images, videos, and documents. After that, it will encrypt them and change the file extension to .kupidon. When this happens, you can no longer open them.
And then, a KUPIDON_DECRYPT.TXT file will appear on your device. This file contains a ransom note and a set of instructions on how to contact the hackers behind the attack.
The ransom note often contains this message:
All your files have been encrypted with Kupidon virus. As a private person, you can buy decryption for $300 in Bitcoins. But before you pay, you can make sure that we can really decrypt any of your files. The encryption key and ID are unique to your computer, so you are guaranteed to be able to return your files.
To do this:
- Download and install the Tor Browser.
- Open the http://oc3g3q5tznpubyasjgliqyykhxdfaqge4vciegjaapjchwtgz4apt6qd.onion/ web page in the Tor Browser and follow the instructions.
How Did Your PC Get Infected?
There are many ways that this ransomware is being distributed. However, the most common method used is spam email. Cybercriminals send out emails with infected attachments. When an unsuspecting victim clicks on them, the ransomware is downloaded automatically and begins exploiting vulnerabilities.
Kupidon Ransomware Removal Guide
The best way to remove the Kupidon ransomware is by scanning your PC with a reliable anti-malware software. With a legitimate and trusted anti-malware tool in handy, you can get rid of all the possible traces of Kupidon.
Your other option is to reinstall your operating system completely. But we don’t recommend doing so unless you are an expert at this.
Decrypting Affected Files
Now that you have removed the ransomware from your PC, you may be asking if there’s a way to decrypt the files that Kupidon has encrypted. Well, we cannot guarantee the complete retrieval of the files, but the recovery methods below are worth trying.
Method #1: Restore from backup
If you regularly back up your files, then you can conveniently retrieve your files without having any problems. Simply restore from the backup and you will now have access to your encrypted file.
Method #2: Use a file recovery software
If you are using an SSD or Solid State Drive, then this method won’t probably work. But it is worth trying if you are using an HDD or Hard Disc Drive. Do a quick search online for any trustworthy file recovery software. Install it on your PC and let it do the trick.
Method #3: Boot into Safe Mode
The easiest way to recover encrypted files is probably by booting your PC into Safe Mode. However, take note that doing this will overwrite some data on your hard drive. Nonetheless, if you want to give this method a try, follow these steps:
- Press and hold the Windows + X keys.
- Choose Shut down.
- Press the Shift key and hit Restart.
- When presented with a set of options, choose Advanced Options.
- Hit Restart.
- Once Windows restarts, press F5.
- From here, you can start recovering the files that have been encrypted by the Kupidon ransomware.
We may not know a lot about the Kupidon ransomware, but one thing is for sure: it is something that we must not take for granted. Once you notice some files with a .kupidon extension on your folders, take the necessary steps, and have them removed as soon as possible.
What other ransomware entities have wreaked havoc on your device before? How did you remove them? Share your experience in the comments!