While you may want to live long and prosper, you don\u2019t want to be \u201ckirked\u201d\u2014an extension added to files encrypted by the new Star Trek-themed Kirk ransomware.Kirk ransomware, which was discovered by Avast malware researcher Jakub Kroustek, doesn\u2019t want the ransom to be paid in bitcoin. Bleeping Computer said it \u201cmay be the first ransomware to utilize Monero as the ransom payment of choice.\u201dIt is not known how the ransomware is being distributed, but researchers know that Kirk ransomware masquerades as the Low Orbital Ion Cannon network stress tool; LOIC was once favored for denial of service attacks. The fake version sports the LOIC slogan, \u201cWhen harpoons, air strikes and nukes fail,\u201d and claims to be initializing once executed.In reality, once executed, the ransomware generates an AES password that is encrypted with an RSA-4096 public encryption key, scans the C drive to encrypt specific extensions, and adds \u201c.kirked\u201d to the encrypted file name.The ransomware note displayed shows an ASCII art image of Spock and Captain James. T. Kirk\u2014the pictures are of the original Spock (Leonard Nimoy) and Kirk (William Shatner)\u2014followed by: \u201cOh no! The Kirk ransomware has encrypted your files!\u201dKirk ransomware, which was written in Python, currently targets 625 files types. The ransom note lists many popular file extensions, followed by: \u201cThere are an additional 441 file extensions that are targeted. They are mostly to do with games.\u201d Some people might opt to pay to unlock their pictures, movies, music and Office documents, but Solitaire? When viewing the full list of targeted extensions via Bleeping Computer, you can see that the ransomware even targets the extension to encrypt Microsoft Spider Solitaire.Victims who bow to the extortion and intend to pay the ransom are told to send 50 Monero to a Monero wallet. The value of Monero\u00a0at the time of writing is $23.50595522, so the ransom is about $1,175. The ransom note says the time of infection was logged and payments received after 48 hours from the \u201ctime of infection will be charged double\u201d\u2014so roughly $2,350. The ransom price after 8-14 days is 200 Monero, or about $4,700. It\u2019s 500 Monero 15-30 days after infection, or about $11,750. On day 31, the password decryption key is deleted.Spock to the rescueOnce the ransom payment is made, victims will allegedly receive their \u201cdecrypted password file and program called Spock.\u201d The ransom note says to run Spock to decrypt all files encrypted with Kirk ransomware.As of right now, there are no known victims of the ransomware. Therefore, Bleeping Computer noted that researchers have yet to see a sample of the Spock decryptor and believe that \u201cat this time the ransomware does not look like it can be decrypted;\u201d researchers often try to release ransomware decryptors so victims have options other than pay or lose everything not backed up.Once it is circulating in the wild and infecting victims, Bleeping Computer\u2019s Lawrence Abrams noted:If you plan on paying the ransom for the Kirk Ransomware, you must not delete the pwd file as it contains an encrypted version of your decryption key. Only the ransomware developer can decrypt this file and if a victim wishes to pay the ransom they will be required to send them this file.