Freezing Ransomware
The Freezing Ransomware is a data-locking Trojan, which was spotted circulating the Internet and preying on users recently. Usually, ransomware threats are written in VB.NET, C, and C++. However, the Freezing Ransomware has been written in PowerShell script.
Malware experts have been unable to confirm what is the infection vector used in propagating this threat. Some speculate that the authors of the Freezing Ransomware may be using the classic emails containing corrupted attachments, infected pirated software, and bogus application updates to spread their creation. The Freezing Ransomware will perform a scan, which will determine the locations of the files that will be decrypted later. Then, the Freezing Ransomware will trigger the encryption process. While the files are being locked, the Freezing Ransomware will add a ‘.Freezing’ extension to them. When the encryption process is completed, the extension applied will be altered to ‘.FreezedByWizard.’
Changing the extension like this is certainly not a widely spread practice among ransomware authors. Then, the Freezing Ransomware will proceed to drop a ransom note named ‘.FreezedByMagic.README.txt.’ In the note, the attackers tell the victim not to panic and that they can recover all the locked data by receiving them a ransom fee. However, the victim has only seven days to complete the payment or the authors of the Freezing Ransomware threaten to delete their decryption key. The attackers, however, fail to mention what the exact ransom fee is. They have given out an email address where the victim is meant to contact them and get more details on the matter – ‘freewizard9@protonmail.co.’
Ransomware authors often claim that if they get paid, they will reverse all the damage they have caused, but this is seldom the case. Very often they will gladly take the money and then cut off contact with the victim without providing them with the decryption key they so badly need. This is why we advise you strongly not to contact the authors of the Freezing Ransomware and instead consider downloading and installing a reputable anti-virus tool, which will wipe the Freezing Ransomware off your system.
