AslaHora threat makes a diversion by disguising as HiddenTear-based virus

AslaHora is a malicious ransom-demanding Trojan that is also known as Malki ransomware virus. It functions as a typical file-encrypting virus, and it adds .malki file extensions to encrypted records. Though some of IT professional thought it to be based on HiddenTear malware, in fact, it is a different infection. After taking a closer look at the threat, it becomes obvious that it is a joke to give a lesson for credulous users.
The developer himself grants the decryption code – MALKIMALKIMALKI. Upon decoding the files, you have to check the mark – “I agree to Malki that I won’t run the malicious program again.” Once you type the key, the notification pops indicating “PC Unlocked by Malki.”
Even if you managed to decode the files, make sure to perform explicit AslaHora removal. For that purpose, you may find FortectIntego or MalwarebytesMalwarebytes practical.
More “preaching” ransomware threats are surfacing
Lately, a new trend among hackers was detected. Perhaps due to summer moods or other reasons, more file-encrypting threats, which are too weak and can be easily decrypted, or specifically devised so poorly, appear in the cyber space.
Between the two major cyber “quakes” – WannaCry and Petya assaults[1] – several minor threats find their place. While some of them are just failed attempt to program a full-fledged crypto-virus, others are obviously created for entertainment purposes.
There are dozens of screen lockers which try to disguise under ransomware but contain a hint of the passkey in their source code. However, Malki ransomware might be an exceptional case when the hacker facilitates decoding process.
On the other hand, the cases when fraudsters give up their “work” by releasing the decryption key or password are not completely rare. Recently, AESNI felon and the masterminds of Petya virus willingly published master keys.[2]
Even if you get infected with AslaHora virus, there is no need to panic as you can simply enter the passkey. It does not mean that you are fine. Remove AslaHora and its registry keys.
Regarding the crooks‘ warning, they might be right: if your OS got entangled by the threat suggests that you accidentally clicked on a malicious file or program. Let us briefly look through the transmission tendencies to prevent AslaHora hijack in the future.
Ransomware looks for victims in poorly protected websites
Though the cases when even legitimate and well-known websites were hacked are not a complete rarity, the probability to run into this virtual infection is much higher in P2P file sharing websites, gaming domains, etc.
Additionally, let us not forget that other more sophisticated threats prey on users via spam emails. Do not fall into the trap. Such emails often contain grammar and typos. Note that trojans delivering ransomware often join forces with exploit kits. Thus, make sure you fortify your cyber security with malware elimination tool. Vigilance and cautiousness are also proper “weapons.”

Eliminate Malki/AslaHora virus
Fortunately, this time you will easily get away with decryption of files. However, this malware surely serves as the lesson to be more careful next time. Remove AslaHora virus and then enter the password to decode files.
There is a chance that this malware might shut down the anti-virus or malware elimination tool. In order to “uninstall” the malware, or simply finish AslaHora removal, reboot the device in Safe Mode or use the second method.
If you happened to be from the Czech Republic and encountered this threat, visit the Czech version[3] of 2-spyware for more information about malware and ways to counterattack it.
Was this guide helpful?
Be the first to comment