Rajiv Singha
Alert! Karma Ransomware will get you if you Install Free Software
November 16, 2016

beware of the karma ransomware

A fake Windows optimization software has been let loose on the Internet. And it is going by the name “Windows-TuneUp”. And why are we telling you about this? Read on.

Windows-TuneUp is a free software that claims to speed up slow computers. But in reality, it is a fake program used by attackers to hide a ransomware called ‘Karma‘. Once installed, Karma scans the user’s computer and begins encrypting all possible file types stored on it. The files that get encrypted are renamed with the extension .karma and this is followed by the display of the ransom note.

How does Karma Ransomware get into your computer?
This incident is associated with a certain pay-per-install (money is generated for every install) software monetization company. If you download a free program that is monetized by this company, you will be greeted by an offer for a free program that claims to optimize your slow computer. This very program is Windows-TuneUp a.k.a the Karma ransomware.

Reportedly, once installed, the program displays a window showing fake performance stats and pretends to optimize the system. It even has a website that looks genuine. And while an unsuspecting user is trying the tool or checking out the website, the ransomware is silently encrypting the files. It is not until the ransom note is flashed does the realization dawn that something is wrong. It’s too late by then!

So, what now?
Every malware works according to certain commands received from a server which is controlled by the attacker. This server is called command and control (C&C) server. The good news, in this case, is the C&C server of Karma is not active anymore. This means, even if anyone downloads this ransomware, they won’t be affected.

However, the lesson to be learned here is…
Karma was not the first ransomware to have been spread in the guise of a free software and it won’t be the last. For all you know, attackers might be crafting other such ransomware as you read this post.

So, we need to be prepared, all the time.

• Avoid downloading free software from shady, unknown or less reputable websites.

• If you are taking the risk of downloading a free software, double check on its safety: Google for its reviews and check if its publisher is verified or not (very important!).

• You can also check if a website is safe on or

• Before downloading any software, check if it is asking you to install any additional software. Mostly, it is these software that are malicious or potentially harmful.

• Invest in an antivirus software that prevents harmful programs from getting installed on your computer.

If your friends or peers have a habit of installing free software, you may want to share this post with them.


Content reference source:


Have something to add to this story? Share it in the comments.

Rajiv Singha
About Rajiv Singha
Rajiv is an IT security news junkie and a computer security blogger at Quick Heal. He is passionate about promoting cybersecurity awareness, content and digital...
Articles by Rajiv Singha »


Your email address will not be published.


  1. Anirban DuttaNovember 17, 2016 at 9:12 AM

    Thank you. Quick Heal Antivirus Pro protect from it?

  2. Hi I like this software.

  3. rashmi dwivediNovember 19, 2016 at 12:08 PM

    nice anti- virus

  4. Thankyou Quick heal for alerting me

  5. Prakash Kumar sahooNovember 19, 2016 at 4:34 PM

    Quick heal is best

  6. new product, not updating. please i need your help

  7. Mahantesh koriNovember 19, 2016 at 10:45 PM

    Is it really True /Helpful

  8. Dipak n shilvantNovember 19, 2016 at 10:48 PM

    Very good antivirus app i like

  9. Amarjeet GopeNovember 19, 2016 at 10:48 PM

    Thank you for save my mobile phone with viruses

  10. Amarjeet GopeNovember 19, 2016 at 10:51 PM

    Thanks for this app because it’s products save my phone with viruses

  11. Quick Heal Antivirus Pro protect from it?
    I like this software.Thank you

  12. Stephen S. PotterNovember 20, 2016 at 8:46 AM

    Thank you most graciously for the above information! I have bookmarked all of it for future use.

  13. Rajesh kumar shyamsukhaNovember 20, 2016 at 9:17 AM

    Thanks for alerting


    S. N. VAIDYA

  15. parmar sanjayNovember 20, 2016 at 10:48 AM

    Hi I like this software.

  16. BHOLA NATH PANDEYNovember 20, 2016 at 12:42 PM

    I am try to your product

  17. Shelke_prsd@rediffmail.comNovember 20, 2016 at 2:36 PM

    Hi I like this software.

  18. 20, 2016 at 4:53 PM


  19. jainsubhash961@gmail.comNovember 20, 2016 at 6:57 PM

    verygood softwear

  20. Why Don’t You Advice Install A Quick Heal Antivirus…………………??????????????

  21. Prasanta ThakurNovember 21, 2016 at 2:39 AM


  22. Sanjay RajakNovember 21, 2016 at 7:06 AM

    I am impressed very nice.

  23. chandani KumariNovember 21, 2016 at 10:39 AM


  24. Thanks

  25. Hi,
    Can any one help to decript my documents and images which are affected by the ransomware and cerber 3 files (renamed)

    • Rajiv Singha Rajib SinghaDecember 1, 2016 at 5:10 PM

      Hi Gopal,
      Unfortunately, files once encrypted by a ransomware cannot be decrypted without the decryption key that the attacker sells for a ransom. However, our support team can help you retrieve the backup of your data if it was stored in a secure location before the ransomware infection.

      Please call us on our toll-free no. 1800-121-7377 or visit to chat with us online. You can also raise a ticket at and we will get back to you at the earliest.