
FileCry Ransomware

Posted: July 20, 2020

The FileCry Ransomware is an independent, file-locking Trojan that holds your media hostage with an encryption function that keeps the files from opening. Its attack can lock documents, pictures, and other often-used formats indefinitely, although current versions use a weak encryption method that's reversible for free. Victims can recover with free solutions, including backups, but should use compatible anti-malware services to remove FileCry Ransomware infections.

The Legend of the WannaCryptor Ransomware Lives on Ignominiously

Known as the WannaCry Ransomware, the WannaCryptor Ransomware, or the '.wcry File Extension' Ransomware, the original Trojan is a seminal and genre-defining entity in the threat landscape. The FileCry Ransomware is another copycat, without a code-based relationship to it, and appears long after the campaigns of similar entries like the RagnarokCry Ransomware, the Try2Cry Ransomware or the WannaRen Ransomware. As a silver lining, malware experts note unusually poor coding choices in the new FileCry Ransomware that give hope to its victims.

The FileCry Ransomware takes both its looks and other symptoms from the infamous WannaCryptor Ransomware. The Windows Trojan uses a unique, and not particularly secure, encryption method on the victim's files, with an internally-saved encryption key for unlocking them. It creates a red HTA pop-up that asks for several hundred dollars in Bitcoins and flags the victim's files with extra 'filecry' extensions. So far, malware experts have yet to find out how this Trojan targets and infects its victims.

The encryption routine is where the bulk of the FileCry Ransomware's novelty lies, but not in a way that benefits its extortion. The Trojan adds a mere one byte of extra data to each file and doesn't protect the unlocking mechanism significantly. Many users should be capable of recovering their data freely, with the help of appropriate anti-malware researchers, even if they lack the remote backups that malware experts continuously recommend.
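The following triage script is an added example, not code from the original article or from any vendor tool. It inventories files carrying the 'filecry' extension and checks each against a backup copy, using the one-byte size increase described above as a consistency check. The `.filecry` suffix form, a backup tree that mirrors the live tree's relative paths, and all function names are assumptions; the sample tree is constructed.

```python
import os
import tempfile
from pathlib import Path

LOCKED_SUFFIX = ".filecry"  # assumption: marker is appended as the final extension
EXTRA_BYTES = 1             # per the article: one byte of extra data per locked file

def find_locked(root):
    """Yield files under root whose name ends with the marker (case-insensitive)."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(LOCKED_SUFFIX) and len(name) > len(LOCKED_SUFFIX):
                yield Path(dirpath) / name

def triage(root, backup_root):
    """Pair each locked file with the backup at the same relative path and classify it."""
    root, backup_root = Path(root), Path(backup_root)
    report = []
    for locked in find_locked(root):
        original_name = locked.name[:-len(LOCKED_SUFFIX)]
        original_rel = locked.relative_to(root).with_name(original_name)
        backup = backup_root / original_rel
        if not backup.is_file():
            status = "no-backup"
        elif locked.stat().st_size - backup.stat().st_size == EXTRA_BYTES:
            status = "backup-size-consistent"   # backup likely matches the pre-lock file
        else:
            status = "backup-size-differs"      # backup is stale or a different file
        report.append((original_rel.as_posix(), status))
    return sorted(report)

def demo():
    """Build a constructed sample tree in a temp directory and triage it."""
    with tempfile.TemporaryDirectory() as tmp:
        live, bak = Path(tmp, "live"), Path(tmp, "backup")
        (live / "docs").mkdir(parents=True)
        (bak / "docs").mkdir(parents=True)
        (live / "docs" / "a.docx.filecry").write_bytes(b"x" * 11)
        (bak / "docs" / "a.docx").write_bytes(b"y" * 10)
        (live / "docs" / "b.xlsx.FILECRY").write_bytes(b"x" * 20)
        (bak / "docs" / "b.xlsx").write_bytes(b"y" * 25)
        (live / "c.jpg.filecry").write_bytes(b"x" * 5)
        (live / "untouched.txt").write_bytes(b"ok")
        return triage(live, bak)

if __name__ == "__main__":
    for path, status in demo():
        print(f"{status:24} {path}")
```

A "backup-size-consistent" result only shows that the sizes line up with the one-byte growth; verify restored files by opening them or comparing hashes against a known-good source before deleting the locked copies.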

Keeping Trojans in Tears Instead of Your Media Files

The FileCry Ransomware's last known wallet has no transaction history that implies any successful extortion efforts. However, updates to the FileCry Ransomware could re-secure its encryption, even as simplistic as it is, relatively quickly. Windows users should avoid infection vectors, whenever possible, and maintain a regular update schedule for backups of any files of value on their computers.

Some of the more usual infection techniques that Trojans of the FileCry Ransomware's type use are easily avoidable with simple procedures that are relevant to nearly all Windows users. These include:

  • Pirated software, movies, and other media may bundle this Trojan with their files. Scans from many security suites will detect these Trojan installers, but users should also avoid illegal downloads.
  • Exploit kits and other sources of drive-by-download attacks on the Web tend to rely on the same browser features repeatedly. Always turn off Flash, JavaScript, and Java on untrusted websites.
  • E-mail attachments are a routine source of infection for workplace networks, and any attached document or spreadsheet that asks for activating additional content, or a macro, is suspect.
  • Brute-forcing is an efficient way of compromising accounts with poorly-selected passwords, and stronger passwords will, by contrast, protect these accounts from an attacker's hijacking attempts.

Anti-malware services for the Windows OS should flag and delete the FileCry Ransomware. This protection doesn't extend to data recovery, although victims might, as noted, have access to decryption options.

The FileCry Ransomware is a slapdash, poorly-written affair, for a successor to the mantle of the WannaCryptor Ransomware. Still, it might be the herald of worse attacks coming, and users should handle it as the adversary in software form that it is.
