Beware of the newest Ransomware threat: Mosk
Criminals make new malware and attack computer systems regularly. On 6th November 2019, the world woke up to yet another attack, this time it was a Ransomware with the extension “.mosk”, it is the most recent entry in the STOP/DJVU category of Ransomware, succeeding the “.toec” type.
What exactly is .mosk
Mosk is a unique file-encoding ransomware created by cyber crooks that have most likely used the 256-bit AES encryption. It will block access to all your data through digital encryption, without any warning and then demand a ransom to decrypt them all! Making it a lucrative scheme for all the cyber criminals. You won’t spot the mosk virus so easily because it cleverly pretends to be a legitimate program and promotes people to install it willingly.
- Name: Mosk virus.
- Type: Ransomware/ Cryptovirus.
- Family: STOP/DJVU ransomware.
- Extension: .mosk
- Threat Level: Very High.
- Ransomware note: _readme.txt
- Ransom Demanded: $490 to $980 in Bitcoins only.
The mosk virus can attack any PC right from Windows XP to the latest version of Windows 10, it can enter your system through any browser. The motive behind such activities is to earn a lot of ransom by locking away your files and extort you to pay them to get the files back.
How will it infect your PC?
Since this is a very recent ransomware, all the current antivirus and malware software won’t be able to detect it. The infection file will hide behind other types of files and stealthily execute its process in the beginning. It can enter your system via spam emails, attachments in them, freeware, porn or torrent sites, unofficial download sites, etc.
Once it gets in your PC, it will infect the registry editor and place its malicious code in the task manager. But following will be the visible activity of mosk to you: The ransomware will encrypt all the files in your PC like the photos, videos, documents, and other databases. E.g. if a file was reading this before:
“Concert_dance.mp4” it will then read like “Concert_dance.mp4.mosk”
And you won’t be able to play it until you pay the ransom demanded by its creators. This view you will see in almost all drives and folders of your system. Besides this, you will see a “_readme.txt” and if you open it, you will read the ransom text, in which they are saying to not worry, but decrypt your files back by purchasing a decrypt tool and unique key. They will ask you to pay $980 for that, and if you do it in the first 72 hours, you will get a 50% discount! They will decrypt only one file for free and also warn that you will be unable to decrypt your all data without them. In the end, they have provided a couple of mail IDs for you to contact.
The mosk ransomware will keep all its activities in the background, hidden from you until all its encryption is complete. After that, you will be unable to do anything on your PC, but see the drives and the _readme.txt message. When you try to open your files, you will see a message like “Windows cannot open this file format.”
Even if you rename the files and get back the previous extension, the files will still not open. Mosk will also block most of the websites on your browsers and will slow down the computer. By offering a 50% discount for the first three days, the cyber crooks are preying on your desperation. But are there any guarantees that your files will be given back even after you pay the ransom? Because they are cybercriminals.
So the better option is not to pay them anything. Countermeasures are being made by all the leading anti-virus software, you will come across many other solutions to remove the virus and decrypt all your files. A ransomware attack can be a big headache and stressful, but having some patience will prevent you from losing your money.