FuckSociety Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 80 % (High) |
Infected Computers: | 36 |
First Seen: | November 8, 2016 |
Last Seen: | November 4, 2021 |
OS(es) Affected: | Windows |
The FuckSociety Ransomware is an encryption Trojan that is derived from the Fs0ci3ty Ransomware. The authors of the Fs0ci3ty Ransomware appear to have worked on new version named FuckSociety Ransomware, which is supposed to bypass AV shields and use an RSA-4096 cipher to lock the files on the victim's computer. The creators of the FuckSociety Ransomware rely on spam emails and social engineering techniques to convince users to run a corrupted executable that will download and install their threats. Web surfers may be suggested that downloading a small application would give them access to premium content on adult-rated sites and unlock shareware like the Microsoft Office.
Spam Emails are the Primary Carrier of the FuckSociety Ransomware
However, users might find that the suspicious file they ran is a strand of the FuckSociety Ransomware, which uses the '.DLL' file extension to mark the encrypted data. For example, 'Chilean_flamingo.jpeg' will be transcoded to 'Chilean_flamingo.jpeg.dll and the Windows Explorer may bring up an alert that the file may be damaged. Analysts note that the FuckSociety Ransomware can encrypt data stored locally on removable media and shared drives. As long as your information is not password-protected and is not governed by a read/write policy, it can be modified by the FuckSociety Trojan. Threats similar to the FuckSociety such as Exotic 3.0 and Kangaroo are designed to encode data containers for images, audio, video, text, presentations, databases and spreadsheets. The ransom note is provided as 'DECRYPT_YOUR_FILES.HTML' on the desktop of the user who is logged in and reads:
'All your files have been encrypted with Fuck Society Ransomware
YOU HAVE 5 DAY TO MAKE PAYMENT OR ALL YOUR FILES HAVE BEEN DELETED!
For each file unique, strong key. Algorithm RSA$)(^ look at
https://en.wikipedia.org/wiki/RSA_(cryptosystem)
- ALL your Attempts to restore files on their own, lead to the loss of the possibility of recovery and we are not going to help you.
Your unique Id for decrypt: [random characters]
FOR DECRYPT YOUR FILES BUY YOUR UNIQUE DECRYPTION CONFIG:
[URL to a site on the Open Internet]
In file you find link to decryptor , and link to decryption config file'
Users are Better off Using Backups Instead of Paying the Ransom
The ransom note in 'DECRYPT_YOUR_FILES.HTML' is accompanied by a custom desktop wallpaper that will be set as your default background when the encryption procedure is complete. The image established by the FuckSociety Ransomware represents the word 'SOCIETY' with a depiction of a hand giving the finger to the user's face. Needless to say, the authors of the FuckSociety Ransomware are cheeky and are not likely to provide a decryptor. Experiences with threats like the BTC Ransomware and the EncryptoJJS Ransomware suggests that users should use backups and archives to rebuild their data structure instead of paying the ransom. Using a reliable anti-malware utility to clean your PC is a must when you are dealing with threats like the FuckSociety Ransomware.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.