Home Malware Programs Ransomware '.FileEncrypted File Extension' Ransomware

'.FileEncrypted File Extension' Ransomware

Posted: July 26, 2018

The '.FileEncrypted File Extension' Ransomware is a newly identified file-locker which, unfortunately, does not seem to be compatible with any of the currently available ransomware decryptors. This is likely to mean that users whose files are taken hostage by this particular threat will not be able to rely on free software to reverse the damage done to their data.

The '.FileEncrypted File Extension' Ransomware's attack isn't extraordinary, but it still manages to leave the victim with a hard drive filled up with encrypted files in just a matter of minutes. Apart from encrypting all sorts of files, the '.FileEncrypted File Extension' Ransomware also will modify their names by using the base64 encoding to scramble the original name, and then add the '.FileEncrypted' extension as well. The last part of the attack is meant to provide the victims with instructions on what they need to do to recover their data. The instructions in questions are stored in the files 'READ_TO_DECRYPT.html' and 'FILES_ENCRYPTED.html,' which instruct the victim to send 1 Bitcoin to the attackers to purchase the decryption software. The attackers also require to be contacted via a TOR-based messaging service, and they have provided the email 160505@tt3j2x4k5ycaa5zt.onion.

We are yet to find out about the exact infection vectors that the '.FileEncrypted File Extension' Ransomware's authors use, but it is more than likely that they rely on either corrupted e-mail attachments or exploit vulnerable RDP (Remote Desktop Protocol) software and services. We advise you to be extra vigilant for suspicious e-mail attachments, as well as to make sure that your computer is protected by a trustworthy and up-to-date anti-malware application. The best way to stay fully safe from ransomware attacks is to make sure that your important data is backed up either to a Cloud service or an offline storage device regularly – this way you'll be able to recover your data even if a threat like the '.FileEncrypted File Extension' Ransomware damages your files.

If you don't have a backup available and the '.FileEncrypted File Extension' Ransomware has damaged your files, then we assure you that you should not be tempted to send money to the attackers. Even if they get all of their demands fulfilled, they might still end up tricking you out of your money.