FBLocker Ransomware

Posted: May 14, 2018

The FBLocker Ransomware is a file-locking Trojan that encrypts all data types on your PC permanently, without preserving the key for decrypting it. Since the Trojan doesn't provide any solutions for recovering your files, only users with backups can reverse the impact of an infection adequately. However, traditional anti-malware products may disable the FBLocker Ransomware before it encrypts any media, as well as remove it safely at any point.

Facebook's Founder Becomes a Trojan's Mascot

Mark Zuckerberg, the entrepreneur responsible for the Facebook social networking platform, is a favorite target of online memes and jokes, as well as the occasional focus of political controversies. As of early May, a threat actor is also exploiting his image to mock the victims of a series of attacks designed to disable the files on infected computers permanently. Unlike most file-locker Trojans, the FBLocker Ransomware doesn't leverage its features for extortion.

The FBLocker Ransomware is independently developed and not an evident clone of Hidden Tear, the Globe Ransomware, the Crysis Ransomware, or other families of file-locking Trojans. However, its attacks share some similarities with the Jigsaw Ransomware family, since both can destroy files in perpetuity. Unlike the Jigsaw Ransomware, the FBLocker Ransomware does so by encrypting all data with individual keys that it doesn't save, as opposed to deleting files securely. At this time, the encryption mechanism also isn't vulnerable to decoding by independent methods.

The FBLocker Ransomware also includes a high-resolution image of Mark Zuckerberg, which it displays in a pop-up that temporarily locks the screen, along with a text message (in both Russian and English) informing the victim of the attack. Users have no option for data restoration other than reverting to their last backup, but they can identify which files the FBLocker Ransomware has affected by searching for the '.facebook' extension that it appends.
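As an added example (not part of the original write-up or any vendor tool), the Python sketch below inventories files carrying the '.facebook' extension and pairs each one with its copy in a backup, producing a restore list. It assumes the backup mirrors the live directory layout and that the extension is appended to the full original name; `build_restore_plan`, `demo` and the sample file names are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

LOCKED_EXT = ".facebook"  # extension the write-up says FBLocker appends


def build_restore_plan(scan_root, backup_root):
    """Map each locked file under scan_root to its backup copy, if one exists.

    Assumption (not stated in the write-up): the backup mirrors scan_root's
    layout and the extension is appended, e.g. report.docx.facebook.
    """
    scan_root, backup_root = Path(scan_root), Path(backup_root)
    restorable, missing = [], []
    for dirpath, _dirs, files in os.walk(scan_root):
        for name in files:
            # Match case-insensitively; skip a file named exactly ".facebook".
            if not name.lower().endswith(LOCKED_EXT) or len(name) == len(LOCKED_EXT):
                continue
            locked = Path(dirpath) / name
            original_name = name[:-len(LOCKED_EXT)]
            original_rel = locked.relative_to(scan_root).with_name(original_name)
            candidate = backup_root / original_rel
            if candidate.is_file():
                restorable.append((locked, candidate))
            else:
                missing.append(locked)  # no backup copy: not recoverable
    return restorable, missing


def demo():
    """Run against a constructed directory tree; no real samples involved."""
    with tempfile.TemporaryDirectory() as tmp:
        live, backup = Path(tmp, "live"), Path(tmp, "backup")
        (live / "docs").mkdir(parents=True)
        (backup / "docs").mkdir(parents=True)
        (live / "docs" / "report.docx.facebook").write_bytes(b"constructed")
        (live / "docs" / "notes.txt.FACEBOOK").write_bytes(b"constructed")
        (live / "docs" / "untouched.txt").write_bytes(b"ok")
        (backup / "docs" / "report.docx").write_bytes(b"good copy")
        restorable, missing = build_restore_plan(live, backup)
        return ([(l.name, b.name) for l, b in restorable],
                [m.name for m in missing])


if __name__ == "__main__":
    print(demo())
```

Run the inventory only after the Trojan has been removed, and with the backup mounted read-only so that nothing on the affected machine can alter it.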

Unplugging Your PC from a Parody of Social Networking

Because the FBLocker Ransomware is also classifiable as a file- or disk-wiper, no amount of post-infection security procedures can reverse the encryption damage that its payload causes. Users can keep backups of their files on other devices, such as cloud servers or detachable USB sticks, to maximize the safety of their data. Unlike most file-locker Trojans that malware analysts examine, the FBLocker Ransomware doesn't limit its attack to a list of specified formats, such as documents or pictures.

While the FBLocker Ransomware isn't a byproduct of the Facebook platform or Mark Zuckerberg, some file-locking Trojans' campaigns do exploit Facebook for installing themselves. Besides disguising links from compromised profiles, threat actors may also drop this Trojan via spam e-mails, torrents, or corrupted websites hosting exploit kits like JS/Blacole.OU. Anti-malware programs may disable most attacks during the infection stage or remove the FBLocker Ransomware afterward.

The FBLocker Ransomware is a callback to an old design philosophy for Trojan software that causes harm without profiting from it. Whether it's better or worse for a victim to have a chance to waste money on a vain ransoming attempt, or never to have such an opportunity, is a question best left to no one to answer.