'M4N1F3STO Virus' Lockscreen
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 80 % (High) |
Infected Computers: | 10 |
First Seen: | December 12, 2016 |
Last Seen: | May 5, 2022 |
OS(es) Affected: | Windows |
The 'M4N1F3STO Virus' Lockscreen is generated by a Trojan that is designed to fool the users into believing that the data on their computers was encrypted and about to be deleted. The developer of the 'M4N1F3STO Virus' requires the payment of 0.3 Bitcoin (234 USD or 221 EUR) to be made to a wallet address in case you don't want your files to be deleted. The message shown by the 'M4N1F3STO Virus' Trojan resembles many variants we have seen with threats like the Cuzimvirus Ransomware and the BrLock Ransomware. There does not appear to be a connection between the Trojans mentioned before, and the 'M4N1F3STO Virus' Lockscreen may look like a joke to some users. However, the 'M4N1F3STO Virus' threat is no joke and can cause distress for many users since it can be delivered to systems via spam emails, corrupted links and instruments such as the Neutrino Exploit Kit.
How the 'M4N1F3STO Virus' Lockscreen is Presented to Users
When the 'M4N1F3STO Virus' Trojan is installed, it adds an entry to the list of startup programs and launches on the next system boot. As a result, the user logs into Windows and is greeted by the 'M4N1F3STO Virus' Lockscreen immediately, which features the following message:
'I want to play a game with you. Let me explain the rules:
Your personal files are being deleted. Your photos, videos, documents, etc...
But, don't worry! It will only happen if you don't comply.
However I've already encrypted your personal files, so you cannot access them.
Every hour I select some of them to delete permanently,
therefore I won't be able to access them, either.
Are you familiar with the concept of exponential growth? Let me help you out.
It starts out slowly then increases rapidly.
During the first 24 hour you will only lose a few files,
the second day a few hundred, the third day a few thousand, and so on,
If you turn off your computer or try to close me, when i start the next time
you will have 1000 files deleted as punishment.
Yes you will want me to start next time, since I am the only one that
is capable to decrypt your personal data for you.
Now, let's start and enjoy our little game together!"
[wallet address]
Send 0,3 bitcoins to this address to unlock your Pc with your email address.
Your can purchase bitcoins from localbitcoins'
Contrary to what you are suggested, the 'M4N1F3STO Virus' Trojan does not include an encryption procedure and does not delete files on your computer. Security analysts examined samples of the threat and determined that it is not programmed to encipher and delete data, yet. Consecutive builds of the 'M4N1F3STO Virus' may support extended functionalities and feature an encryption engine.
An Unlock Code is Supposed to be Entered on the 'M4N1F3STO Virus' Lockscreen
At the time of writing this, users need an unlock code to bring down the 'M4N1F3STO Virus' Lockscreen. The 'M4N1F3STO Virus' Trojan is designed to suppress the Command Prompt utility, the Registry Editor and the Task Manager on the Windows OS. You may need to boot into Safe Mode and bypass the activation of the threat. Fortunately, researchers unveiled that the unlock code comes with the executable responsible for the 'M4N1F3STO Virus' Lockscreen. Given the playful nature of the 'M4N1F3STO Virus' message, the unlock string is rather unconventional and states 'suckmydicknigga.' Entering the code triggers a dialog box to pop up on your screen saying 'JUST DELETE IT TO REMOVE IT HAHA YOU HAVE BEEN FOOLED.' The location of the executable for the 'M4N1F3STO Virus' Lockscreen is not disclosed in the dialog box, and you may need to use a reliable anti-malware scanner to sweep your drives.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.