Have you noticed an .eking extension on your files, images, and other documents? Then there is a chance that a ransomware entity has infected your PC.
So, what ransomware is it? Eking ransomware. What is it and what does the Eking ransomware do? More about this threat below.
What is Eking Ransomware?
The Eking ransomware is a malicious entity that encrypts your files and documents and adds the .eking extension. After that, it generates a message telling the victim that the document will only be decrypted once the Bitcoin payment has been settled. Normally, the payment instructions are saved on the victim’s desktop in the form of an info.hta file.
The ransom note says:
“Your PC has been infected by a ransomware. If you want to restore them, contact the following address below.
E-Mail contact – [email protected] / [email protected]
If there is no answer in 24 hours. Try to contact us via Sonar.
Download TOR browser
While using your TOR browser, copy and paste the URL below:
Register an account and message us in our ID : decphob
If the TOR link is not working, go to https://onion.live
NEVER RENAME ENCRYPTED FILES THIS MAY CAUSE DAMAGE TO YOUR FILES PERMANENTLY.”
According to experts, if you suspect that your computer is infected with the Eking ransomware, contact any of the following:
- On Guard Online website – United States
- SCAMwatch website – Australia
- Canadian Anti-Fraud Centre – Canada
- An Garda Siochana website – Ireland
- Consumer Affairs Scams website – New Zealand
- Action Fraud website – United Kingdom
How Your Computer Get Infected
There are many ways that the Eking ransomware is distributed by cybercriminals. It could be sent via infected attachments or through vulnerabilities and loopholes in the operating system.
- Spam Email – Cybercriminals could send spam emails making you believe that it’s from a legit company like FedEx or DHL. The email will tell you that a package is being delivered to you, but the shipment failed for some reason. No matter how curious you are, make sure you don’t click on any attached file. Otherwise, your computer could be infected.
- PC Vulnerabilities – It is also possible that the Eking ransomware has exploited vulnerabilities on your PC. Some of the commonly exploited programs and software include the operating system itself, the Microsoft Office Suite, web browsers, and third-party applications.
How to Remove the Eking Ransomware
The best and most effective way to get rid of the Eking ransomware is to use an anti-malware software program. Generally, these programs are designed to destroy all sorts of malware entities that your default anti-malware program tends to miss. But again, make sure that when you download an anti-malware program, get it from the official developer’s website and not from any third parties.
Once you have one installed, run a quick scan and let the program do its job. It will scan every corner of your system for any components of the ransomware. After this, it will display all threats it detects, including the Eking ransomware. You get to decide whether or not to remove them or have them all fixed.
How to Protect Yourself from the Eking Ransomware
The key to protecting yourself from this malicious entity is by thinking before you click. Never open irrelevant emails and do not click on any links and attachments on emails. If there is a need to download an application, make sure to do so only from the official websites or via direct links. Do not trust any third-party downloaders or sources.
Also, it is best to always install software updates. These updates could contain fixes or patches to recently reported errors, which could be used by cybercriminals to attack your device.
At this point, your computer should be free of the Eking ransomware. Moving forward, take safety precautionary measures. Avoid clicking on anything suspicious and make it a habit to install software updates.
What other ransomware entities have given you headaches in the past? Share with us your experience!