RedFox Ransomware

Posted: June 26, 2018

RedFox Ransomware Description

The RedFox Ransomware is a file-locking Trojan and worm that can encrypt documents and additional media for the sake of extorting money from their owners. Significant features that malware experts highlight also include the potential for self-distribution over detachable storage and the disabling of valuable security features. Have your anti-malware programs remove the RedFox Ransomware on sight, and make regular backups as a precaution against its encryption damage.

A Fox for Hire to Eat Your Files

Ransomware-as-a-Service is acquiring a new entry in its illicit business model, competing alongside such options as the little-known ShurL0ckr Ransomware, the prolific Globe Ransomware, and the freeware of Hidden Tear. This newest Trojan, the RedFox Ransomware, began its advertising campaign on the Dark Web and various social networks late in 2017 and continued it into 2018. However, malware experts are taking notice of features of the RedFox Ransomware that make it stand apart from past releases of file-locking Trojans.

Most Trojans using cryptography or other attacks for locking media don't distribute themselves without the help of other threats, which can vary from corrupted document macros to Trojan downloaders. The RedFox Ransomware, however, uses a worm-based strategy of auto-running after compromising a detachable drive, such as a USB device. A new PC may become infected with the RedFox Ransomware after the user does nothing more than plug in the associated device, without launching any files manually.

The RedFox Ransomware also performs a traditional encryption attack, locking the local files of a PC with a combination of the Blowfish and RSA algorithms and creating a custom-generated key for every file. This technique is a secure encryption method that could block documents and other formats permanently, especially since the RedFox Ransomware also deletes essential backup and system recovery data. Finally, malware experts are verifying that its payload also auto-deletes more files on a two-hour timer (nearly identically to the Jigsaw Ransomware).

A Complete Predator Package against Computing Technology

The RedFox Ransomware includes a robust set of support features that don't relate directly to the act of locking files or delivering its ransom messages. Some of the most substantial of these attacks include:

  • The RedFox Ransomware can disable different security and monitoring applications, including the Registry Editor and the Task Manager.
  • The RedFox Ransomware deletes system restoration points that victims could use for rolling back to an undamaged version of the file system.
  • The RedFox Ransomware may prevent the PC from using secure boot-up options, such as Safe Mode, and even stop a shut-down of Windows.
  • The Trojan can use MBR exploits for auto-launching, similarly to a rootkit.
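
A triage check for the tool lockout, Safe Mode tampering and removable-drive auto-run described above, written as an added example (not code from this page or from any vendor). The page does not say which mechanism the RedFox Ransomware uses, so the script assumes the standard Windows locations: the DisableTaskMgr and DisableRegistryTools policy values, the SafeBoot\Minimal and SafeBoot\Network keys, and the NoDriveTypeAutoRun hardening value (0xFF disables AutoRun on every drive type). Its input is saved `reg query` output; the sample dump is constructed.

```python
import re

# Value lines in `reg query` output: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_RE = re.compile(r"^ {4}(.+?) {4}(REG_\w+) {4}(.*)$")
SYSTEM = r"hkey_current_user\software\microsoft\windows\currentversion\policies\system"
EXPLORER = r"hkey_local_machine\software\microsoft\windows\currentversion\policies\explorer"
SAFEBOOT = r"hkey_local_machine\system\currentcontrolset\control\safeboot"

def parse_reg_query(text):
    """Map each key path (lower-cased) to its {value name: data} from `reg query` text."""
    keys, current = {}, None
    for line in text.splitlines():
        if line.upper().startswith("HKEY_"):
            current = keys.setdefault(line.strip().lower(), {})
        elif current is not None and (m := VALUE_RE.match(line)):
            current[m.group(1).lower()] = m.group(3).strip()
    return keys

def triage(text):
    """Return findings for tool lockout, Safe Mode tampering and the AutoRun hardening gap."""
    keys, findings = parse_reg_query(text), []
    policy = keys.get(SYSTEM, {})
    for value, tool in (("disabletaskmgr", "Task Manager"), ("disableregistrytools", "Registry Editor")):
        if int(policy.get(value, "0x0"), 16) != 0:
            findings.append(f"{tool} disabled by policy")
    if SAFEBOOT in keys:  # only judge Safe Mode if the key was actually collected
        for mode in ("minimal", "network"):
            if f"{SAFEBOOT}\\{mode}" not in keys:
                findings.append(f"SafeBoot\\{mode} key missing")
    autorun = keys.get(EXPLORER, {}).get("nodrivetypeautorun", "0x0")
    if int(autorun, 16) != 0xFF:  # hardening gap, not proof of infection
        findings.append("AutoRun not disabled for all drive types")
    return findings

# Constructed sample: concatenated `reg query` output from a hypothetical affected host.
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
    DisableTaskMgr    REG_DWORD    0x1
    DisableRegistryTools    REG_DWORD    0x1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
    NoDriveTypeAutoRun    REG_DWORD    0x91
"""

if __name__ == "__main__":
    print("\n".join(triage(SAMPLE)))
```

The policy and SafeBoot findings are indicators to investigate on a host already suspected of compromise; the AutoRun finding is a configuration gap to close on every host.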

No free decryptor is compatible with any variant of this file-locking Trojan, so far. While various anti-malware programs may delete the RedFox Ransomware safely, recovering any encrypted files without unharmed backups may not be possible.

With half a year of success in its underground business, the RedFox Ransomware is far worse than an actual fox in any hen house. Unlike a real animal, the appetite of a file-locker Trojan has no firm limits and can continue damaging files until you stop it.

