Home Malware Programs Ransomware Free-Freedom Ransomware

Free-Freedom Ransomware

Posted: December 22, 2016

Threat Metric

Threat Level: 8/10
Infected PCs: 84
First Seen: December 22, 2016
Last Seen: December 27, 2019
OS(es) Affected: Windows

The Free-Freedom Ransomware is a fake file-encrypting Trojan that modifies your file system permissions to make it look as if it's encoded and locks your content, such as documents. Use the means detailed in this article to unlock your PC and regain access to any blocked digital data. For most PC users, malware experts recommend recovering efficiently by using dedicated anti-malware tools for deleting the Free-Freedom Ransomware after taking the described security steps.

The Trojan that Takes Permission for Itself

Many threat actors are making do with the superficial appearance of encryption as a substitute for the actual attack, which reduces the complexity of a threat programming and reduces some of the heuristic footprints that security solutions use for detecting them. However, your local files not being blocked by encryption doesn't mean that they're safe necessarily, as malware experts can demonstrate with the Free-Freedom Ransomware's campaign. This Trojan includes fake threats along with a legitimate (but unmentioned) attack against your file-accessing permissions.

Samples of the Free-Freedom Ransomware are installing through disguises as fake PDF spreadsheets, with an inaccurate PDF extension placed on what is, in fact, an executable program file. When the Trojan launches, it removes your logged-in Windows account's permissions for reading, writing, modifying, or executing various data formats. This attack causes the same result as encrypting that data effectively, by stopping you from opening any of the affected content.

Malware experts detect minimal differences between the Free-Freedom Ransomware's accompanying ransom message, an advanced pop-up, and those of real file-encoding Trojans. The Free-Freedom Ransomware demands a twenty-five British pound-value gift card before helping you unlock your computer and restore your files, while also lying to you about the nature of the attack. The ransom process also includes optional fields for information, such as your phone number, which could let the Free-Freedom Ransomware serve the secondary function of being phishing-based spyware.

Freedom for Files with No Price Tag Attached

Because the Free-Freedom Ransomware uses the hard-coded 'adam' password for unlocking your screen, computer users have no need to pay any ransom to reacquire access to their desktop. Although the Free-Freedom Ransomware isn't a real file-encrypting threat and has no need for countering decryption software, you may need to restore your permission settings on a file-by-file basis. To do so, right-click an affected file and select Properties, followed by the Security tab. Check any unchecked permissions boxes and re-add any group or user names, as is appropriate.

Standard security procedures recommend disinfecting your PC before recovering from any effects that a Trojan's payload may cause. Only a minority of less than the AV brands are identifying the Free-Freedom Ransomware as threatening currently, which may be a result of excluding any encryption functionality. Update your anti-malware products when asked, to give them improved chances of removing the Free-Freedom Ransomware on sight. Malware experts also recommend enabling the full display of file extensions, thereby stopping this threat from distributing itself as a supposed 'PDF' file.

Even young threat actors like those seemingly responsible for the Free-Freedom Ransomware attacks have no reason to be honest to the people they're targeting. If you ever are tempted to take the 'quick and easy' way out of a ransomware problem by spending money or giving up information, stop and consider that for many Trojans, like the Free-Freedom Ransomware, their bark may be far worse than their bite.

Loading...