FSociety Ransomware
Posted: August 19, 2016
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 10/10 |
|---|---|
| Infected PCs: | 76 |
| First Seen: | August 19, 2016 |
|---|---|
| OS(es) Affected: | Windows |
The FSociety Ransomware is a Trojan that encrypts non-essential files on your PC and hijacks the desktop's wallpaper. Such attacks normally correspond with attempts to hold data hostage for ransom, but the current versions of the FSociety Ransomware lack any payment instructions or recommended means of decrypting your data. Blocking or removing the FSociety Ransomware infections through anti-malware protocols before they can finish encrypting your hard drive, along with keeping backups for data redundancy, are the best countermeasures to this threat.
A Fictional Society Emerges in Real Life Malware
Threat authors often appreciate the power of strong imagery as a persuasion method, particularly when it comes to asking victims to take ordinarily inadvisable actions. In the past, malware experts saw the expression of this phenomenon in unrelated Trojans 'borrowing' the images of the CryptoWall Ransomware, as well as different threats making use of the Anonymous organization's Guy Fawkes mask. However, fictitious symbols also are open to being exploited, as the new the FSociety Ransomware makes clear.
The FSociety Ransomware bases itself on EDA2, an 'educational' source code project that was taken down by its author but still circulates on underground forums devoted to threat development and related misdeeds. Like other EDA2 variants, t FSociety Ransomware includes an account-based UI for backdoor attacks that control the victim's PC remotely. Most crucially, it also encrypts data.
The FSociety Ransomware uses the same AES-based means of encrypting content as other versions of EDA2 and then transfers an RSA-protected decryption key to its C&C server afterward. Instead of a ransom message, malware experts only can confirm the FSociety Ransomware using images associated with the central hacker organization of USA Network's 'Mr. Robot,' a television drama lauded for its relatively accurate depiction of computer security. The FSociety Ransomware provides no ransom demands or other means of recovering your data from its attacks.
Putting Hackers Back in the TV Where They Belong
The only samples of the FSociety Ransomware available for analysis most likely are an early build of the Trojan, which malware experts expect to see new versions of over the coming months. Normally, paying ransoms to con artists who may or may not reciprocate the act with a data recovery solution is not a recommended solution to any ransomware campaign. However, as a file encryption Trojan without even that premise of recovery, PC users are left with preexisting EDA2 decryptors and unencrypted backups as their two most surefire methods of saving their files.
Although the FSociety is a fictional organization, in contrast to the more usually touted Anonymous, the FSociety Ransomware installations do have very real security implications. Use your anti-malware tools for removing the FSociety Ransomware as soon as possible to limit the possibility of additional attacks launching themselves through the FSociety Ransomware's backdoor controls. Besides the encrypted content, PC owners also can detect the FSociety Ransomware by eye from its changes to the default desktop background.
Even while 'Mr. Robot' represents an artistic triumph of translating real-world income inequality and security issues to a fictional product, con artists are using its symbols for exacerbating those same issues in real life. When seen through the lens of computer security, keeping your PC protected, your data preserved, and your money safe often are one and the same thing.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.