Fappy Ransomware

Posted: September 7, 2020

The Fappy Ransomware is a file-locking Trojan that's a variant of Hidden Tear, a previously public domain coding project. The threat actor is circulating current samples as fake game cheat downloads, and Windows users should be attentive to the risks of participating in illegal file-sharing activities. Anti-malware services will remove the Fappy Ransomware and its infection attempts.

Trojans Out of Hiding with Lures for Cheaters

Thanks to the ostensibly well-meaning code examples of Utku Sen, Hidden Tear is a not-so-minor chunk of file-locker history. Although most threat actors of 2020 prefer Ransomware-as-a-Service offerings and their ease of use, some others remain capable of modifying the Hidden Tear program for their pet campaigns. Coming along after the likes of the Ahihi Ransomware, the EbolaRnsmwr Ransomware, the Skull HT Ransomware, or the SnowPicnic Ransomware, the Fappy Ransomware is the latest example of threatening freeware.

This version of the Trojan continues with many of its signature attacks, such as using encryption for locking files (on the whole, digital media like documents) and changing their extensions. It also has a few attributes that malware experts rate mildly atypical. The Trojan's ransom demand is trivial, at less than twenty dollars in Bitcoins. The threat actor uses a 'disposable' e-mail service for negotiations, as the Trojan details in its text ransom note. This Hidden Tear version also has an image for the victim's wallpaper, which provides some small graphical flair.

Most interestingly, the Fappy Ransomware's executable name disguises the Trojan as a cheat software installer for the popular Fortnite, a 'battle royale' shooter. This game's competitive nature makes the Fappy Ransomware's tactic one that could achieve numerous installations rapidly. On the other hand, many of the targets are likely to be children with little money, hence the low ransom.

Legal Browsing for Safer Software Encounters

Illicit downloads are an all-too-common theme in file-locker Trojans' escapades, and even threat actors using free toolkits can have their fingers on the pulse of currently-in-vogue hobbies. Windows users would do well to avoid torrents and unknown software websites as a general rule. Although the Fappy Ransomware doesn't use false extensions, certificates, or advanced obfuscation, its encryption can become a long-term problem for any victim's files.

Hidden Tear is often compatible with the decryption routines of free solutions. Users should always test a decryptor with copies of their work as a precaution against further data corruption. Malware researchers also endorse using backups on secure, secondary devices, which takes any bargaining power out of the hands of the Fappy Ransomware's threat actor.
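
One way to follow the copy-first advice above, as an added example that is not part of the original article or of any decryptor's own code: stage copies of the locked files in a scratch folder, hash the originals, and after running a decryptor on the copies, confirm that the originals are untouched and that the output begins with a recognizable file signature. The function names are hypothetical, and the locked-file suffix is a parameter because the article does not state which extension the Trojan appends.

```python
import hashlib
import shutil
from pathlib import Path

# Leading bytes (file signatures) of common document and media formats.
MAGIC = {
    b"%PDF-": "pdf",
    b"\x89PNG\r\n\x1a\n": "png",
    b"\xff\xd8\xff": "jpeg",
    b"PK\x03\x04": "zip/docx/xlsx",
}

def sha256(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def stage_copies(src_dir, work_dir, locked_ext):
    """Copy locked files into work_dir; return {original: (sha256, copy)}.

    locked_ext is whatever suffix the Trojan appended (an assumption the
    caller supplies; the article does not name it).
    """
    src_dir, work_dir = Path(src_dir), Path(work_dir)
    manifest = {}
    for orig in sorted(src_dir.rglob("*" + locked_ext)):
        if not orig.is_file():
            continue
        copy = work_dir / orig.relative_to(src_dir)
        copy.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(orig, copy)
        manifest[orig] = (sha256(orig), copy)
    return manifest

def changed_originals(manifest):
    """Originals that are missing or differ from their recorded hash."""
    return [o for o, (digest, _) in manifest.items()
            if not o.is_file() or sha256(o) != digest]

def detect_format(path):
    """Format name if the file starts with a known signature, else None."""
    with open(path, "rb") as f:
        head = f.read(16)
    for magic, name in MAGIC.items():
        if head.startswith(magic):
            return name
    return None
```

Point the decryptor only at the paths in the scratch folder; a non-empty result from `changed_originals` or a `None` from `detect_format` on a supposedly recovered file means the tool should not be run against the real data.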

A respected anti-malware service can delete the Fappy Ransomware as a threat before any file-locking behavior has a chance of happening. Systems not running Windows are also safe for the time being.

While everyone dreams of being the best at their passion, not everyone can succeed at that aspiration. This universal component of human nature is part and parcel of the Fappy Ransomware's campaign and a potent example of when jealousy can become a security danger.