Remove Alkhal Ransomware

ransomware

Yet another file-locker is threatening Internet users – the Alkhal Ransomware. This dangerous threat's creators are distributing it through email spam, social media, fake downloads, and other dubious or misleading content. Their goal is to infect as many users as possible with this file-encryption Trojan. When this happens, the victim loses access to their files because of Alkhal Ransomware's file-locking attack. In the end, every victim receives a ransom note, which asks them to pay money to the attackers. Allegedly, agreeing to pay a ransom sum will give victims access to a decryption tool, which can get their files back to normal.

The promises of the Alkhal Ransomware creators are certainly not something you should trust. They may take your money without providing you with anything. Since they request payments through Bitcoin, you will also be unable to cancel, reverse, or track the payment. Needless to say, these are the perfect conditions for cybercriminals who want to scam users out of their money.

This particular file-encryption Trojan uses the suffix '.alkhak' to tag the names of files it locks. It provides the victim with recovery instructions by setting the file Recovery.bmp as their wallpaper. It also creates the document ReadMe.txt on the desktop. Both messages are nearly identical. They explain the situation to the victim, and advise them to message alkhal@tutanota.com or cyrilga@tutanota.com. It is worth nothing that the criminals promise to unlock a few small (<5MB) files for free. You might want to take advantage of this offer to get at least several files back. Trying to work things out with Alkhal Ransomware's creators is a bad idea. You should use an anti-malware application to eliminate the threat, and then explore your recovery options. The best way to undo the damage is to restore through a backup. However, some 3rd-party data recovery utilities might always be able to help.

October 1, 2021