In the latest example of bizarre ransomware strains, can we introduce you to Koolova. Or as it prefers to be known, Jigsaws nice twin.
We’re not going into any detail on what ransomware is on this article. We’ve covered it enough times on this site and if you still don’t know, read our article here that explains all.
Koolova continues the latest trend of weird ransomware strains, appearing a handful of months after security researchers discovered the Popcorn Time ransomware that would let you decrypt your files for free providing you could “refer” two others into installing it.
Koolova, on the other hand, will let you decrypt your files for free as well, only this time the only thing you need to do it read two security related articles that teach you – ironically – how to avoid ransomware infections. Once you click the links provided by the ransomware to both articles, a Decrypt button is activated that retrieves your decrypt key.
Strange, certainly. The original Jigsaw ransomware was a nasty infection that was spotted in 2016 and was the first variant of ransomware to actually delete your files for good (not just encrypt them) if you took too long to pay the ransom. Jigsaws “nice twin”, Koolova, will also delete your files if you take too long to read the security articles is provides.
Hello. I’m nice Jigsaw or more commonly known as Jigsaws twin.
Unfortunately all of your personal files (pictures, documents, etc…) have been encrypted by an evil computer virus known as Ransomeware’.
Now now, not to worry I’m going to let you restore them but only if you agree to stop downloading unsafe applications off the internet.
If you continue to do so may end up with a virus way worse than me! You might even end up meeting my infamous brother Jigsaw 🙁
While you’re at it, you can also read the small article below by Google’s security team on how to stay safe online.
Oh year I almost forgot! In order for me to decrypt your files you must read the two articles below.
Why the author has taken such an approach is a mystery, but it’s unlikely that this ransomware will ever be released into the wild. It was discovered in a “beta” in-development stage by security researchers who had to fix some settings to get the ransomware to work. However if the author does decide to finish the software themselves, then this is certainly something you could end up on your computer unless you follow the same advice in the articles the ransomware implores you read.
Our advice; read the articles first without having malware developers urge you to do it.