FunFact Ransomware

The FunFact Ransomware is as ransomware Trojan uncovered in January 2017. PC security researchers have observed that, once the FunFact Ransomware has entered a computer, it will use the RSA and AES encryption to encrypt the victim's files, making them unreadable. The FunFact Ransomware creates various files on the infected computer ('clsign.dll,' 'trc.dll,' 'rar.exe,' 'wallet.jpg,' 'note.ini'), which appear in each directory where the FunFact Ransomware encrypted any of the victim's content.

The FunFact Ransomware’s Ransom Demand

The file named 'note.ini' has the FunFact Ransomware's ransom note. The FunFact Ransomware's ransom note lets the victim know of the extent of the attack, alerting them that their files were encrypted and the only way to recover them is to pay for the decryption key (all accurate information, unfortunately). The FunFact Ransomware demands the payment of a ransom of 1.2208 BitCoins (approximately $1000 USD at the current exchange rate) within three days, threatening to increase the cost if it isn't paid in time. After a week, the FunFact Ransomware threatens to delete the files permanently.

The following is the full text of the FunFact Ransomware ransom note:

'Important Information!!!!
You had bad luck. All your files are encrypted with RSA and AES ciphers. to get your files back read carefully. if you do not understand, Read again. All your documents are recoverable only with our software and key file.
To decrypt files you need to contact worldthe FunFact@sigaint.org or the FunFacts11@tutanota.com and set your ID as email title and send clsign.dll file from your computer. That is the key file and yes, it's encrypted. Search your computer for filename 'clsign.dll' attach it to email. if you wish we will decrypt one of your encrypted file for free! It's your guarantee. After you made payment you will receive decryption software with key and necessary instructions. if you don't contact us within 72 hours we will turn on sanctions. you'll have to pay more. Recovery is only possible during 7 days. after that don't contact us.
Remember you are just single payment away from all your files
If your files are urgent pay exactly requested amount to Bitcoin(BTC) address and send clsign.dll file to us. We will send your decryption software within 24 hours; remember if you contact us first maybe you'll have to pay less
User ID: -
BTC Address: 1AQrj5jBcRaA35nvmuySb8xYkmXsGC65Rc
Amount(BTC): 1.22038'

A Superficial Analyze of the FunFact Ransomware Infection

Victims of the FunFact Ransomware are instructed to email either FunFacts11@tutanota.com or worldFunFact@sigaint.org to decrypt a single file as proof that the con artists have control of the decryption process. Fortunately for computer users, the current version of the FunFact Ransomware does not work as it is supposed to. The information above relates how the FunFact Ransomware is supposed to work, but in its current version, the FunFact Ransomware does not carry out an effective encryption routine. However, it is very likely that an updated version of the FunFact Ransomware that will be able to carry out its intended attack will be distributed. If the FunFact Ransomware has infected your computer, PC security researchers strongly advise against paying the FunFact Ransomware ransom. Con artists will ignore victims or even demand more money frequently, not to mention that paying the enormous ransom associated with the FunFact Ransomware helps these people finance further threats and carry out more attacks on innocent computer users.

Dealing with the FunFact Ransomware Infections

Attacks like the FunFact Ransomware have become much more prevalent now than they were only a year ago. Because of this, computer users take defensive measures to minimize the damage, especially since the files encrypted by the FunFact Ransomware are unrecoverable. Fortunately, this is a simple matter of having backup copies of all files on the cloud or an external memory device. If computer users can restore the affected files from a backup copy, then there is no need to follow the con artists' demands and pay the FunFact Ransomware ransom.

SpyHunter Detects & Remove FunFact Ransomware