What is Killnet ransomware?
Killnet is a new ransomware program; as of now, it’s been active only for a few days. Just like any other ransomware program, it encrypts all files on the computers it managed to infect. Once infected, the files receive .killnet file extension. A file named “finances.xlsx”, for example, would be renamed to “finances.xlsx.killnet”.
Still, this ransomware is somewhat unusual. Ransomware programs always leave a ransom note of some kind – usually a text file – to communicate their demands. The ransom note Killnet leaves (named “Ru.txt”), however, is unusually short: it only lists contact information of the hackers and nothing else. If you compare this behavior to any other ransomware program, you will see that they usually try to be a bit more verbose. The note is also in Russian, even though it would have been trivial to translate, considering its length. The image above contains the original, and here’s the translated version: