FDFK22 Ransomware

Posted: August 26, 2020

The FDFK22 Ransomware is a file-locking Trojan that's part of the AES-Matrix Ransomware family. It encrypts files to keep them from opening and may include other features, such as overwriting drive space, for hindering data recovery. Users should have backups on other devices as a practical solution and let qualified anti-malware programs remove the FDFK22 Ransomware as soon as they identify it.

Watching the Size of a File-Devouring Matrix Grow

The AES-Matrix Ransomware isn't nearly as sensational in many of its campaigns as other families, like the sometimes-colorful STOP Ransomware group. Still, its family retains a slow-but-steady approach to cyber-crime. A new build from its Ransomware-as-a-Service, the FDFK22 Ransomware, offers the usual combination of blocking data with encryption and making money off a ransom. With the memorable name of 'Frida Farko,' the FDFK22 Ransomware makes paying its ransom simple, although whether any unlocking happens afterward is questionable.

The FDFK22 Ransomware adds its e-mail address, which references that name, to the encrypted files' names. The attack simultaneously blocks most non-essential files from opening and provides the essential information for negotiating a ransom with the threat actor. The FDFK22 Ransomware also includes an RTF note, as is typical of AES-Matrix Ransomware. Through it, the Trojan provides additional, redundant e-mails, an ID, and a supposed 'test' of the decryption that unlocks the affected files.

The FDFK22 Ransomware's family is a reasonably secure one, as variants like the '.MTXLOCK File Extension' Ransomware, the 'pedantback@protonmail.com' Ransomware, the Matrix-EMAN Ransomware, and the Relock Ransomware continue to confirm. Victims have scant hope of unlocking their files with free software, and the AES-Matrix Ransomware releases may include additional, adverse effects, such as overwriting free space on hard drives. Consequently, malware researchers always recommend a backup on one or more separate devices for the best defense against attacks by the FDFK22 Ransomware's family.

Tracing the Shape of a Surprisingly Fragile Criminal Business

The FDFK22 Ransomware's group tends towards infection exploits based on RDP (Remote Desktop Protocol). Users can guard against these attempts easily by using strong passwords, deactivating or securing RDP features, and installing software patches regularly. Although the FDFK22 Ransomware is most likely to target businesses' unprotected networks, its payload has the same risks of data loss for home users as it does for workplaces.

The FDFK22 Ransomware doesn't intentionally harm the Windows operating system but may block most media formats. Its method of doing so, AES and an RSA key, has a long-term history of being secure against the cyber-security industry's decryption investigations. Users should emphasize proactive steps for avoiding infections or blocking and removing them as soon as possible.

Windows anti-malware programs will find, flag, and isolate or remove the FDFK22 Ransomware as appropriate. Disinfection isn't the same as unlocking files and doesn't affect the encryption that stops their opening.

The FDFK22 Ransomware has some hard-to-miss features like changing the user's wallpaper, but by that time, its work is complete. Catching a Trojan before it shows itself is just as valuable in computer warfare as spotting enemy snipers is in a real war.
