Hackers are selling a new Ransomware-as-a-Service (RaaS) called FileFrozr Ransomware. Our specialists report that a user named Frozr advertises the malware on various hacker forums. The price is said to be around 0.14 Bitcoins, or approximately 185 US dollars. After making the payment, cyber criminals can get a builder with which they can create their own version of FileFrozr Ransomware. Like most malicious applications of this kind, it should lock the victim’s files with a strong encryption algorithm, allowing the hackers behind the threat to hold the files on the computer hostage and demand that the user pay a ransom. The cyber criminals could distribute the malicious applications they create through different channels; we discuss the possible distribution methods and other important details about this newly created infection further in the article.
As we said earlier, FileFrozr Ransomware is advertised on hacker forums. The malware’s developer claims it is a “Fast, stable, and affordable crypto-locker.” There is even a short description presenting the malicious application’s capabilities. According to it, the threat is supposed to lock the victim’s files using the AES-256 and RSA-4096 cryptosystems. In addition, the infection is said to encrypt more than 250 different file types, and each enciphered file should get its own unique decryption key. Thus, if you encounter such a threat, you would most likely lose all enciphered files, and there is little chance that much personal data would be left unaffected.
Moreover, our researchers say that anyone interested in purchasing the malware’s license can even get a glimpse of the malicious program’s builder by simply clicking the link included in the ransomware’s advertisement. Doing so redirects the hacker to the infection’s web page. Once there, the buyer can either buy the license and start creating his own unique version of FileFrozr Ransomware right away or simply take a look at the online builder first. The site also provides a support section where cyber criminals can get the developer’s contacts if they need any assistance.
Furthermore, the malware’s site provides more information about the ransomware. It says the malicious application was created from scratch and was even tested with a couple of security tools. Therefore, its creators promise anonymity and assure buyers that the threat is “fully undetectable.” As we noticed, neither the advertisement nor the malware’s site mentions how the ransomware could be distributed. Most likely, the hackers will have many different options. In this article, we will tell you more about the most popular distribution methods so that you know how FileFrozr Ransomware or similar threats could be spread and what to do to guard your system against them.
Based on our experience with ransomware, we can say that many of these applications travel with infected files sent to victims through spam emails, so we would not be surprised if hackers who buy FileFrozr Ransomware’s license decide to use this method as well. It is important to mention that such files may look like simple images, photos, videos, text documents, invoices, or other data that may not seem in any way suspicious to you. Together with the file, there might be some text urging you to review the attachment as fast as possible, or there could be no explanation at all, in order to raise your curiosity. This is why our specialists always advise taking extra precautions with any file sent via email, especially if it comes from an unknown sender or lands in the Spam folder.
Another frequently used distribution channel is risky web pages, for example, torrent or other file-sharing websites, sites with adult content, and so on. Such sites may offer users malicious installers, fake updates, or other infected data for download. In fact, some malicious sites can infect the system even if you do not download any content; if there are any vulnerabilities in the system, the hackers can use them to drop the malware’s installer on the computer and launch it themselves. Naturally, to avoid such scenarios, it is advisable not only to stay away from unreliable web pages but also to keep your browser, operating system, and other important software up to date to remove any possible vulnerabilities. In addition, it would be smart to acquire a reliable antimalware tool, since it could help you identify malicious content and keep the system secure. Just keep in mind that the antimalware tool should be fully updated too, or else it might be useless against newer threats.