
FuxSocy Ransomware

Posted: October 29, 2019

The FuxSocy Ransomware is a file-locking Trojan that borrows many functions and formatting characteristics from the Cerber Ransomware. Its attacks encrypt and block various media files, create ransom notes selling its unlocking assistance, and change filenames and extensions. Most anti-malware products should stop and remove the FuxSocy Ransomware preemptively.

Television References Continue Being Mainstream in the Trojan Market

Another file-locker Trojan that serves as indirect advertising for the hacking-themed Mr. Robot show is joining the list of previous ones, which includes such different cases as the FSociety Ransomware, the ShutUpAndDance Ransomware, the OPdailyallowance Ransomware and the Fs0ci3ty Ransomware. While the current subject, the FuxSocy Ransomware, isn't a relative of any of them, it does borrow features from an old threat: the Cerber Ransomware.

The thematic relevance of Mr. Robot is routinely put to use in these campaigns, which use encryption for blocking and ransoming their victims' files. The FuxSocy Ransomware behaves very similarly to the original Cerber Ransomware in this respect, despite taking a new name that comes from a sabotaging Python script in an early episode of the Mr. Robot television show. The filename changes the FuxSocy Ransomware makes, its internal list of formats to avoid blocking, and its ransom note all show striking elements in common with 2016's Cerber Ransomware.

Some changes that malware analysts see include the FuxSocy Ransomware's changing the negotiating platform to Tox.chat, a peer-to-peer, encrypted messaging service, and altering the ransom note to use its own name instead of that of the Cerber Ransomware. The FuxSocy Ransomware also has a broader list of exceptions for what it locks, although typical content, such as documents, pictures, or music, should still be affected. No free decryptor is currently available for its encryption.

Getting TV Shows Out of Your Files

While the FuxSocy Ransomware only encrypts a portion of each file's data, it does so sufficiently that the content is no longer readable by the associated programs. This shorthand encryption method also offers some advantages to the threat actor. The FuxSocy Ransomware takes less time for completing its attacks and maximizes the damage it inflicts in a narrow window before proceeding with the extortion.
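The partial encryption described above has a detection consequence: a whole-file entropy check can miss a file that is only partly ciphertext, while a per-block scan does not. The following is an added example, not code from the original article or from any vendor tool; the block size, the threshold, and the sample data (random bytes standing in for ciphertext) are assumptions constructed for illustration, and the heuristic only applies to formats that are not already compressed.

```python
import math
import os

BLOCK = 4096   # assumed scan granularity in bytes
HIGH = 7.5     # assumed bits-per-byte threshold for "looks encrypted"

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def classify(data: bytes, block: int = BLOCK) -> str:
    """Label a file body by how many full blocks look like ciphertext."""
    blocks = [data[i:i + block] for i in range(0, len(data) - block + 1, block)]
    if not blocks:
        return "too-small"
    high = sum(shannon_entropy(b) >= HIGH for b in blocks)
    if high == 0:
        return "plain"
    return "full" if high == len(blocks) else "partial"

def make_samples():
    """Constructed data: a 64 KiB text file and a copy with 16 KiB overwritten."""
    text = b"".join(b"Invoice %05d: quarterly totals and notes.\n" % i
                    for i in range(2000))[:64 * 1024]
    # Random bytes stand in for ciphertext over the first quarter of the file.
    damaged = os.urandom(16 * 1024) + text[16 * 1024:]
    return text, damaged

if __name__ == "__main__":
    original, damaged = make_samples()
    for name, body in (("original", original), ("damaged", damaged)):
        print(f"{name}: whole-file entropy {shannon_entropy(body):.2f}, "
              f"per-block verdict {classify(body)}")
```

On the constructed sample, the damaged copy's whole-file entropy stays under the threshold even though a quarter of it is unreadable, which is why the per-block verdict is the useful signal.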

The FuxSocy Ransomware also is more than a minor update to Cerber Ransomware and includes some features suggesting the author's familiarity with programming. It has extra anti-analysis and detection functions, mostly based on self-terminating inside of virtual environments. This feature only highlights the general usefulness of sandboxes and similar solutions against file-locker Trojans and similar threats, even for an average user.

Malware researchers can only recommend backups as an appropriate countermeasure to any damage that the FuxSocy Ransomware inflicts. The FuxSocy Ransomware is another joking media reference that turns fictional hacking into a real-world affair. The growth of threatening software as a theme in mainstream media is just one of many signs that encryption and unwanted Trojans aren't just for programmers – they're also an everyday man's problem.
