Although the main reason cyber criminals indulge in their practice is money, sometimes they do it for sport, too. Take FileFuck Trojan, for example. This Trojan infection is based on the Hidden Tear ransomware code, so it should work like your regular ransomware infection, demanding money, and what not. However, it does nothing of the kind. It only corrupts user files, and then expects the user to deal with it on their own. Luckily, it is not that hard to remove FileFuck Trojan from the infected computer, although removal does not do much to restore the corrupted files.
Let’s start from the very beginning. As mentioned, this Trojan is based on the Hidden Tear ransomware. It shares certain similarities to the malicious code, and from that, we can also assume that this Trojan employs the same distribution methods, too.
The most common distribution method for any ransomware infection is spam. We receive tons of spam emails every single day. For the most part, they tend to get filtered into the Junk folder by our email service providers. However, not all providers use such sophisticated algorithms. Not to mention that sometimes the spam emails are so well-crafted that they slip into the main inbox, too.
If that happens, we have to be cautious about the messages we open (in fact, we should ALWAYS be cautious). When the sender is unknown and the tone of the message is urgent, it is very likely that it is a scam. What’s more, if the message comes with an attached file, and the sender says you have to open the file ASAP, then we can say with almost 100% certainty that you are being targeted by cyber criminals.
When users download the installer file for FileFuck Trojan, they still have to launch it. After the launch, this infection scans the system looking for the file types it can encrypt. The Trojan can corrupt most of the commonly used file types, so all of your photos, videos, text documents, and other types of files will be corrupted by this program if you allow it to enter your system.
Once the corruption process is complete, the program displays a totally useless message:
All your files were fucked forever by FileFuck!
You can not recover the files. forever!
I do not know if you've backed up your files, I'm sorry if you have not backed up.
Be sure to backup in the future!
It surely informs you about what happened to your files, but it doesn’t offer any solution. There is also no decryption tool available for this infection, so you have to rely on your wits and luck to restore your files. Of course, if you have an external backup, you can simply delete FileFuck Trojan along with the corrupted data and then transfer the healthy files back. If you are not that lucky, you should try looking at your other devices or cloud storages. Perhaps you have a big chunk of your files saved there. Finally, you can always address a professional who might be able to restore the corrupted files.
When you remove FileFuck Trojan, be sure to protect your system from similar infections. Also, be careful whenever you receive messages from unknown senders. Another Trojan might be right behind it!