French101 Ransomware
The French 101 Ransomware is a new malware threat that encrypts files on an infected computer, and a payment of a ransom needs to be made in exchange for a decryption tool. The malicious script adds the extension '.french101' to the corrupted files and drops a ransom note in a file named 'HOW TO RECOVER ENCRYPTED FILES.' The ransom note contains a long chain of letters and numbers, which represents the user’s personal identifier. The attackers ask the victim to contact them at any of the three given email addresses: french101@protonmail.ch, french101@cock.li, and french101@india.com, whereby the message should contain the user’s personal identifier. Also, it is stated in the ransom note that the amount of the ransom should be paid in Bitcoin and that its amount will depend on how soon the victim contacts the operators of the ransomware. Furthermore, the malware offers to decrypt three files for free, given that their total size is less than 10MB and do not contain valuable information, like excel files, databases or backups.
Cybersecurity experts claim that the French 101 Ransomware is a variant of the infamous Scarab Ransomware because the ransom notes of the two malware threats seem pretty identical. For Scarab, it is known that it is active since 2017 and uses sophisticated AES-256 and RSA-2048 encryption algorithms to lock up the files. The Scarab Ransomware uses mainly the Necurs botnet for its distribution. However, it also could spread around through corrupted email attachments, fake Adobe Flash Player or Java updates or other corrupted applications.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.