Ransomware Trojan ‘LinkUp’ Blocks DNS Settings To Mine Bitcoins

 ‘LinkUp’: Ransomware Trojan

The security team of Emisoft has found a new malware variant called ‘Linkup’ which is a kind of ransomware that modifies DNS settings and block it. Before telling you about ‘Linkup’ Trojan, I would like to tell you about the term ‘Ransomware’. This term is strongly connected with Linkup Trojan as Linkup is the first ransomware trojan that modifies DNS settings to mine bitcoins.


To understand what ransomware is – it basically acts like a malware or trojan which when enters into your system start encrypting your data. This ransomware is requesting for payment or ransom to decrypt that data. This directly affects your Computer system and crashes it very badly.

Read: How does Heartbleed work?

Aim of Linkup:

Being a ransomware, Linkup not only affects the users sytem but also blocks the internet access. In this way this Ransomware turns your computer into bitcoin mining robot.

How does Linkup work?

Once the Trojan is installed in your computer, it make replicas of itself which directly affects on the Firewall. It disables the Windows security and Firewall services. Now this will directly affect on the DNS Server. This allows malwares to interact with internet. Now Council of Europe sends a notification to victim’s browser of that they are watching Child pornography and for this you have to pay £0.01 as a fine.

Linkup trojan
Linkup trojan

Emisoft Security Team explains about the malware, “This combination of ransomware and Bitcoin mining is a new and fascinating development. At this point, however, its functionality is still quite limited as the downloaded jnProtominer only works on 64-bit operating systems. In time, it will be interesting to see if Linkup is modified to download more flexible variants.”

Now for paying ransome you must enter your personal details and the payment is done by credit cards only. Linkup not only blocks your internet access, it will also install other malware which mines bitcoin. This ransomware tries to connect the victims system to Bitcoin mining Botnet. By connecting this, it can combine the computer power of all infected computers through which attackers can earn new bitcoin.

How do you protect yourself from Linkup?

You can remove this trojan in two ways:

  1. Automatic removal
  2. Manual removal

In Automatic removal, you need to download Spyhunter Malware Security Site which detects Linkup Ransomware and remove it.

Another way is Manual removal.

  • Reboot your system into safe mode.
  • Now if you are using Windows 8 as an operating system then you need to press Shift and then F8 continuously which results in new advanced recovery mode.
  • Now select the Advanced boot option after clicking on restart option.
  • After opening of Command prompt, type:

Windows Vista/7/8: C:\Windows\System32\rstrui.exe and Enter.

  • With this system restore should start and it will tell you that your computer is infected.
  • After restoring, restart your computer and scan with anti-virus program running in your system. So that it assures you that your system is free from this trojan.

User needs to be aware of such Trojans or malwares to protect their system from crashing or for secure internet access.

Author: Kriti Jain