AnteFrigus Ransomware
A new ransomware threat called AnteFrigus Ransomware has been spotted recently. What is interesting about this threat is that its authors are not propagating it via the usual channels like spam emails, bogus application updates or torrent trackers. Instead, the creators of the AnteFrigus Ransomware have opted to utilize the RIG Exploit Kit. This leads malware researchers to believe that the creators of the AnteFrigus Ransomware are rather high-end cybercriminals with advanced skills and experience.
Does not Target Data on the C: Partition
Another notable feature of the AnteFrigus Ransomware is that, unlike most ransomware threats, which make sure to encrypt as much data as possible, this data-encrypting Trojan only goes after files located on the D:, E:, F:, G:, H: and I: partitions. Bearing in mind that most regular users store a lot of their important data on the C: partition, this move looks rather strange. Based on the partitions targeted by the AnteFrigus Ransomware, it becomes clear that this ransomware threat can also compromise USB storage devices and shared network drives.
Has a Blacklist of File Types
If there are files present on the partitions targeted by the AnteFrigus Ransomware, this file-locking Trojan will apply its encryption algorithm and lock all the data present, such as audio files, images, documents, videos, archives, databases, etc. Interestingly enough, the AnteFrigus Ransomware also has a list of file types that it will not encrypt: MSI, EXE and DLL. This shows that the AnteFrigus Ransomware does not want to tamper with files that may cause trouble with system services or software.
Encryption and the Ransom Note
The AnteFrigus Ransomware generates a unique victim ID for each user's system that it corrupts, which consists of various lowercase characters. The locked files will be marked with the generated victim ID as an additional extension at the end of the filename. The ransom note of the AnteFrigus Ransomware is called file '
We advise you against cooperating with cyber crooks as there is no guarantee you will be given the decryption key they have promised. Instead, download and install an anti-malware tool and make sure to use it to remove the AnteFrigus Ransomware from your computer.
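The three traits described above (only D: through I: are touched, MSI/EXE/DLL files are skipped, and one victim ID is appended as an extra extension) can be turned into a triage check over a file listing. The script below is an added example, not code from the article or from any vendor tool; the letters-only ID pattern, the `KNOWN` extension list, the `min_hits` threshold and the sample paths with the ID `qrjafo` are assumptions constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

TARGET_DRIVES = {"D:", "E:", "F:", "G:", "H:", "I:"}  # partitions named in the article
SKIPPED_TYPES = {".msi", ".exe", ".dll"}              # types the article says are not encrypted
# Assumption: the victim ID is lowercase letters only; the article gives no length or alphabet.
ID_LIKE = re.compile(r"\.[a-z]+")
# Short, non-exhaustive list of ordinary extensions that must not be mistaken for an ID.
KNOWN = {".gz", ".bak", ".txt", ".zip", ".json", ".docx", ".xlsx", ".jpg", ".sqlite"}

def triage(paths, min_hits=3):
    """Return (suffix, affected_paths) for the repeated appended extension, or (None, [])."""
    hits = {}
    for raw in paths:
        p = PureWindowsPath(raw)
        ext = p.suffixes
        # A locked file keeps its original extension and gains one more on a targeted drive.
        if p.drive.upper() not in TARGET_DRIVES or len(ext) < 2:
            continue
        last, original = ext[-1], ext[-2].lower()
        if not ID_LIKE.fullmatch(last) or last in KNOWN or original in SKIPPED_TYPES:
            continue
        hits.setdefault(last, []).append(raw)
    if not hits:
        return None, []
    # One ID per system, so the real suffix is the one shared by the most files.
    suffix, files = max(hits.items(), key=lambda kv: len(kv[1]))
    return (suffix, files) if len(files) >= min_hits else (None, [])

SAMPLE = [  # constructed listing, not taken from a real incident
    r"C:\Users\a\report.docx",
    r"D:\Docs\budget.xlsx.qrjafo",
    r"D:\Docs\photo.jpg.qrjafo",
    r"E:\Backup\db.sqlite.qrjafo",
    r"E:\Tools\setup.exe",
    r"F:\share\notes.txt.qrjafo",
    r"D:\src\archive.tar.gz",
]

if __name__ == "__main__":
    suffix, files = triage(SAMPLE)
    print(suffix, len(files))
```

The returned list gives the scope of affected files per drive, which is the inventory needed before restoring from backup.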