
FRM Ransomware

Posted: June 5, 2020

The FRM Ransomware is a harmful program that encrypts important files on infected computers and appends the ".[hitsbtc@tuta.io].FRM" extension to their names. It is another member of the Dharma Ransomware family. Once victims are infected and their files are encrypted, the threat actors demand a ransom paid in Bitcoin for the decryption key.

When a computer is compromised by the FRM Ransomware, the harmful program will scan for documents, images, videos, and other important files in different formats, including .xls, .pdf, .docx and .doc. After detecting the files, the FRM Ransomware will encrypt them, changing their extension to '.[hitsbtc@tuta.io].FRM', and the victim will no longer be able to open or view them.

After encrypting all important data on the infected machine, the FRM Ransomware will open a text file named 'FILES ENCRYPTED.txt' containing the ransom note, and further instructions on how to contact the threat actors for the ransom payment. The text of the ransom note is the following:

'YOUR FILES ARE ENCRYPTED
Don't worry, you can return all your files!
If you want to restore them, follow this link email: hitsbtc@tuta.io
If you have not been answered via the link within 12 hours, write to us by e-mail: hitsbtc@tuta.io
Attention!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'

Currently, there is no possible way to decrypt the files encrypted by the FRM ransomware for free. However, this might change if security specialists manage to get their hands on the decryption keys from the attackers' servers. As always, paying the ransom is not advised, as there is no guarantee that the threat actors will not just ignore you once you've sent them the Bitcoin. If you want to be able to recover your files in the future, it is advised that you make copies of the infected drives and keep them on separate storage.
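The two indicators described above (the appended extension and the ransom note file name) are enough to scope which folders were hit before the drives are copied. The following is an added example, not code from this page's author: a read-only Python inventory that uses only those two strings. The function names and the sample tree are assumptions constructed for illustration.

```python
import os
import tempfile
from collections import Counter

# Indicators taken from the description above.
FRM_SUFFIX = ".[hitsbtc@tuta.io].FRM"
NOTE_NAME = "FILES ENCRYPTED.txt"


def triage(root):
    """Walk `root` read-only and report files carrying the FRM indicators."""
    encrypted, notes = [], []
    by_type = Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            # Compare case-insensitively, as Windows file systems do.
            if name.lower().endswith(FRM_SUFFIX.lower()):
                original = name[: -len(FRM_SUFFIX)]  # name before the appended extension
                ext = os.path.splitext(original)[1].lower() or "(none)"
                by_type[ext] += 1
                encrypted.append((path, original))
            elif name.lower() == NOTE_NAME.lower():
                notes.append(path)
    return {"encrypted": sorted(encrypted), "notes": sorted(notes),
            "by_type": dict(by_type)}


def build_sample_tree(root):
    """Constructed sample data: empty files named like an affected folder."""
    names = [
        "report.xls" + FRM_SUFFIX,
        "invoice.pdf" + FRM_SUFFIX,
        os.path.join("docs", "plan.docx" + FRM_SUFFIX),
        os.path.join("docs", "untouched.doc"),  # not renamed, must not be counted
        NOTE_NAME,
    ]
    for rel in names:
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        open(full, "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        result = triage(tmp)
        print("ransom notes:", result["notes"])
        print("encrypted files by original type:", result["by_type"])
        for path, original in result["encrypted"]:
            print(f"  {path}  (was: {original})")
```

The script only lists files and never renames or modifies them, which is consistent with keeping the encrypted data intact for a possible future decryptor.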
