
RedFox Ransomware

Posted: June 26, 2018

The RedFox Ransomware is a file-locking Trojan and worm that can encrypt documents and additional media for the sake of extorting money from their owners. Other significant features that malware experts highlight include the potential for self-distribution over detachable storage and the disabling of valuable security features. Have your anti-malware programs remove the RedFox Ransomware on sight and make regular backups as precautions against its encryption damage.

A Fox for Hire to Eat Your Files

Ransomware-as-a-Service is acquiring a new entry in its illicit business model, competing alongside such options as the little-known ShurL0ckr Ransomware, the prolific Globe Ransomware, and the freeware of Hidden Tear. This newest Trojan, the RedFox Ransomware, began its advertising campaign on the Dark Web and various social networks late in 2017 and continued it into 2018. However, malware experts are taking notice of features from the RedFox Ransomware that make it stand apart from past releases of file-locking Trojans.

Most Trojans using cryptography or other attacks for locking media don't distribute themselves without the help of other threats, which can vary from corrupted document macros to Trojan downloaders. The RedFox Ransomware, however, uses a worm-based strategy of auto-running after compromising a detachable drive, such as a USB drive. New PCs may become infected with the RedFox Ransomware after the user does nothing more than plug in the associated device, without launching any files manually.

The RedFox Ransomware also provides a traditional encryption attack for locking the local files of a PC by a combination of Blowfish and RSA algorithms, and it creates custom-generated keys for every file. This technique is a secure encryption method that could block documents and other formats permanently, and the RedFox Ransomware also deletes essential backup and system recovery data. Finally, malware experts are verifying that its payload also auto-deletes more files on a two-hour timer (nearly identically to the Jigsaw Ransomware).

A Complete Predator Package against Computing Technology

The RedFox Ransomware includes a robust set of support features that don't relate to the act of locking files or delivering its ransoming messages directly. Some of the most substantial of these attacks include:

  • The RedFox Ransomware can disable different security and monitoring applications, including the Registry Editor and the Task Manager.
  • The RedFox Ransomware deletes system restoration points that victims could use for rolling back to an undamaged version of the file system.
  • The RedFox Ransomware may prevent the PC from using secure boot-up options, such as Safe Mode, and even stop a shut-down of Windows.
  • The Trojan can use MBR exploits for auto-launching, similarly to a rootkit.
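
The following audit script is an added example, not taken from this page or from any vendor's tooling. It checks a Windows host for the kinds of tampering listed above. The registry policy values (`DisableTaskMgr`, `DisableRegistryTools`), the `Win32_ShadowCopy` query and the `autorun.inf` check are standard Windows mechanisms assumed here; the page does not state which ones the RedFox Ransomware itself uses.

```powershell
# Added example: look for signs of the tampering described in the list above.
# Assumption: standard Windows policy values and WMI classes are checked;
# the page does not say which mechanism RedFox itself relies on.

$policyPaths = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
)
$policyValues = @{
    DisableTaskMgr       = 'Task Manager disabled'
    DisableRegistryTools = 'Registry Editor disabled'
}
$findings = New-Object System.Collections.Generic.List[string]

foreach ($path in $policyPaths) {
    # A missing key simply means no policy is set at that location.
    $props = Get-ItemProperty -Path $path -ErrorAction SilentlyContinue
    if ($null -eq $props) { continue }
    foreach ($name in $policyValues.Keys) {
        $prop = $props.PSObject.Properties[$name]
        if ($prop -and [int]$prop.Value -ne 0) {
            $findings.Add("$($policyValues[$name]): $path\$name = $($prop.Value)")
        }
    }
}

# Shadow copies back System Restore; none at all on a machine that normally
# keeps them is worth investigating. This query needs an elevated prompt.
try {
    $shadows = @(Get-CimInstance -ClassName Win32_ShadowCopy -ErrorAction Stop)
    if ($shadows.Count -eq 0) { $findings.Add('No volume shadow copies present') }
} catch {
    $findings.Add("Shadow copy query failed (run elevated): $($_.Exception.Message)")
}

# DriveType 2 = removable media. An autorun.inf at the drive root is reported
# for manual review before anything on the drive is opened.
$removable = Get-CimInstance -ClassName Win32_LogicalDisk -Filter 'DriveType = 2'
foreach ($disk in $removable) {
    $autorun = Join-Path "$($disk.DeviceID)\" 'autorun.inf'
    if (Test-Path -LiteralPath $autorun) {
        $findings.Add("autorun.inf found on removable drive $($disk.DeviceID)")
    }
}

if ($findings.Count -eq 0) { 'No tampering indicators found.' } else { $findings }
```

A finding from this script is a prompt for investigation, not proof of infection, since administrators sometimes set the same policies deliberately.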

So far, no free decryptor is compatible with any variant of this file-locking Trojan. While various anti-malware programs may delete the RedFox Ransomware safely, recovering any encrypted files without unharmed backups may not be possible.

With half a year of success in its underground business, the RedFox Ransomware is far worse than an actual fox in any hen house. Unlike a real animal, the appetite of a file-locker Trojan has no firm limits and can continue damaging files until you stop it.
