

Kaenlupuf is ransomware that runs on Microsoft Windows. It is aimed at Malay users.

Payload

Transmission

Kaenlupuf is distributed through corrupted spam email attachments.

Infection

Kaenlupuf uses a combination of RSA and AES encryption to make the victims' files completely inaccessible. It targets a wide variety of file types, including audio, video, databases, and many commonly used document formats. Kaenlupuf delivers its ransom note in an HTML file named 'kaenlupuf-note.html', which is dropped on the infected computer's desktop. The ransom note contains the following text:

NOTE FOR YOU - MUST READ
First of all, we congratulate you for being chosen to be among those with the most successful file protection 
from external threats.
We understand that you need your files immediately. We introduced a special package with affordable price 
which is as low as 1 Bitcoin only.
Surprised by our offer? So what are you waiting for, register your bitcoin wallet now to get your important 
files back.
The longer you wait the price will increase. Your files are protected with RSA-2048 bit algorithm. Very good 
and interesting is it not?
GET BACK MY FILES!
To retrieve your files, follow these steps carefully:
1. Register your account in Bitcoin wallet at the following URL:
https://blockchain.info/wallet/
2. Use our bitcoin address to transfer your credit:
173MLPGRWdc6z91gQXBCHYVTkqTR9tMABb
3. The amount of the payment is as follows:
1 BTC
4. Make sure add your ID when making a transaction.
TOKEN - YOUR ID: [RANDOM CHARACTERS]
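
A triage check built from the note file name and the note phrases quoted above (an added example, not part of the original page and not MyCERT's code). It finds the note by name or by its text, so a renamed copy is still caught, and extracts the victim ID; the sample HTML markup and the ID value are constructed.

```python
import html
import re
import tempfile
from pathlib import Path

NOTE_NAME = "kaenlupuf-note.html"  # file name given on this page
# Phrases quoted from the ransom note text on this page
MARKERS = ("NOTE FOR YOU - MUST READ", "GET BACK MY FILES!", "TOKEN - YOUR ID")
TOKEN_RE = re.compile(r"TOKEN - YOUR ID:\s*(\S+)", re.IGNORECASE)
# Constructed sample note (assumed markup; the ID is a placeholder)
SAMPLE_NOTE = ("<html><body><h1>Note for you - must read</h1>"
               "<p>GET BACK MY FILES!</p>"
               "<p><b>TOKEN -&nbsp;YOUR ID:</b> EXAMPLE-ID-0001</p></body></html>")

def visible_text(raw):
    """Strip tags, decode entities and collapse whitespace."""
    text = html.unescape(re.sub(r"<[^>]+>", " ", raw))
    return re.sub(r"\s+", " ", text)

def score_note(path):
    """Return a finding dict if the file looks like the note, else None."""
    try:
        text = visible_text(path.read_text(encoding="utf-8", errors="replace"))
    except OSError:
        return None  # locked or unreadable file: skip rather than abort the scan
    hits = [m for m in MARKERS if m in text.upper()]
    name_match = path.name.lower() == NOTE_NAME
    # A name match needs one phrase to back it; a renamed copy needs two.
    if not ((name_match and hits) or len(hits) >= 2):
        return None
    token = TOKEN_RE.search(text)
    return {"path": str(path), "name_match": name_match, "markers": hits,
            "victim_id": token.group(1) if token else None}

def scan(root):
    """Score every .htm/.html file under root, sorted by path."""
    files = (p for p in Path(root).rglob("*")
             if p.suffix.lower() in (".htm", ".html") and p.is_file())
    return sorted(filter(None, map(score_note, files)), key=lambda f: f["path"])

def demo():
    """Scan a throwaway directory holding the constructed sample files."""
    with tempfile.TemporaryDirectory() as d:
        desk = Path(d) / "Desktop"
        desk.mkdir()
        (desk / NOTE_NAME).write_text(SAMPLE_NOTE, encoding="utf-8")
        (desk / "renamed.htm").write_text(SAMPLE_NOTE, encoding="utf-8")
        (desk / "index.html").write_text("<p>hello</p>", encoding="utf-8")
        return scan(d)
```

Point `scan()` at a user profile or a mounted disk image; `demo()` runs it over the constructed files only.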

Origin

MyCERT, an acronym for the Malaysia Computer Emergency Response Team, first developed Kaenlupuf. MyCERT is a software security provider that created Kaenlupuf as a ransomware Trojan to educate its staff and associated people. Kaenlupuf was used for exercises in the company. Unfortunately, at some point, Kaenlupuf was leaked and modified into a corrupted variant capable of carrying out effective attacks in the wild. This new variant of the original 2014 version of Kaenlupuf was first released in March 2017.
