FREDD Ransomware

Posted: April 30, 2019

FREDD Ransomware Description

The FREDD Ransomware is a file-locker Trojan from the Dharma Ransomware branch of the Crysis Ransomware. Ransomware-as-a-Service businesses like this one can compromise a system through multiple strategies, particularly spam e-mails and the brute-forcing of weak passwords. Victims should have backups of their work for recovering any files and keep one or more anti-malware products ready for removing FREDD Ransomware infections.

The Lyrics of Trojan Greed

United Kingdom residents are suffering extortion through the latest version of the Dharma Ransomware family, part of a well-known Ransomware-as-a-Service or RaaS business. The Trojan, the FREDD Ransomware, is using the modest choice of an AOL account for its negotiations, but this relative unprofessionalism doesn't dampen the quality of its data encryption. The no-charge data restoration possibilities for its family are, unfortunately, in short supply.

The FREDD Ransomware's name and e-mail address may be references to a celebrated theatrical lyricist, Fred Alley, but it's equally possible that the threat actor is using a randomly-chosen pseudonym. The Trojan takes its name from its extension-inserting feature, which tags all of the files it blocks with 'FREDD' extensions, but this isn't the function that locks the victim's media. The actual locking mechanism uses AES encryption, like most file-locker Trojans, and keeps your files from opening in the same way as the MS13 Ransomware, the '.stun File Extension' Ransomware, the '.btix File Extension' Ransomware or the 'ht2707@email.vccs.edu' Ransomware.

The user should carefully isolate infected systems from the rest of the network. Besides the general issue of threat actors possibly having a backdoor into the computer, the FREDD Ransomware may sweep all network-available drives (whether they are mapped or not) and encrypt their contents as well.
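Because the Trojan tags every file it blocks and may reach network drives, a responder's first question after isolation is which directories were hit and when. The following is an added example, not code from the original article: it assumes the 'FREDD' tag is the final suffix of each affected filename, and the function names, sample tree and timestamps are constructed for illustration.

```python
import os
import tempfile
from collections import defaultdict
from datetime import datetime, timezone

TAG = ".fredd"  # extension named in the article; compared case-insensitively

def scope_tagged_files(roots, tag=TAG):
    """Summarise, per directory, the files whose name ends with the tag."""
    per_dir = defaultdict(lambda: {"count": 0, "first": None, "last": None})
    errors = []  # unreadable directories/files, so coverage gaps stay visible
    for root in roots:
        for dirpath, _dirs, files in os.walk(root, onerror=errors.append):
            for name in files:
                if not name.lower().endswith(tag.lower()):
                    continue
                try:
                    st = os.lstat(os.path.join(dirpath, name))  # never follow links
                except OSError as exc:
                    errors.append(exc)
                    continue
                d = per_dir[dirpath]
                d["count"] += 1
                d["first"] = min(d["first"] or st.st_mtime, st.st_mtime)
                d["last"] = max(d["last"] or st.st_mtime, st.st_mtime)
    return dict(per_dir), errors

def activity_window(per_dir):
    """Earliest/latest mtime (UTC) of tagged files: a rough bound on the rewrite time."""
    if not per_dir:
        return None
    iso = lambda t: datetime.fromtimestamp(t, timezone.utc).isoformat(timespec="seconds")
    return (iso(min(d["first"] for d in per_dir.values())),
            iso(max(d["last"] for d in per_dir.values())))

def build_sample_tree(base):
    """Constructed sample data: empty files with chosen names and mtimes."""
    sample = {"docs/report.docx.FREDD": 1700000000, "docs/notes.txt": 1690000000,
              "share/db.bak.fredd": 1700000600, "share/img.png.FREDD": 1700000300}
    for rel, mtime in sample.items():
        path = os.path.join(base, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "wb").close()
        os.utime(path, (mtime, mtime))
    return base

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        per_dir, errors = scope_tagged_files([build_sample_tree(tmp)])
        print({d: v["count"] for d, v in per_dir.items()}, activity_window(per_dir), len(errors))
```

Run it read-only against each share or volume from a clean host; the per-directory counts show which locations need restoring from backup, and the time window helps choose a backup taken before the files were rewritten.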

Giving the FREDD Ransomware Its Swan Song

Leaving RDP settings open, not using properly-restrictive port settings, opening questionable e-mail attachments, and using easy-to-guess passwords can open your PC up to attacks from file-locker Trojans, among other threats. The Dharma Ransomware family, to which the FREDD Ransomware belongs, favors Remote Desktop Protocol-based installations that can give a remote attacker leeway for dropping other threats besides it. Traditional e-mail-based attacks will imitate a message from a believable sender, such as a shipping company.

The visible symptoms of FREDD Ransomware infections are limited to the encrypted files not opening afterward, the filename alterations, and other issues that occur after the Trojan's payload has inflicted all of its intended damage. Old decryption software for the Dharma Ransomware is not compatible with new variants like the FREDD Ransomware, and users should never assume that paying a criminal's ransom will give them a real decryptor. Use anti-malware products for the removal of the FREDD Ransomware and all associated threats, and revert to your last backup for your file recovery needs.

Although threat actors using AOL accounts generally aren't very experienced, the danger of the Ransomware-as-a-Service sector lies in the uniformity of its 'products.' Like much of its competition, the FREDD Ransomware is mostly a copy-and-paste job – but one with equal competence at blocking the files that it doesn't want you to have.
