FakeParadise Ransomware

FakeParadise Ransomware Description

New strains of ransomware are produced and compiled on a regular basis, and it is only logical that security researchers monitor those new versions. Somewhat surprisingly, ransomware named FakeParadise made the top 10 of ransom infections for the month of October 2019, according to statistics.

FakeParadise is a relatively new ransomware variant. The threat demands payment to be made in Bitcoin and asks for a sum that amounts to over 10,000 Chinese Yuan. The ransomware produces a ransom note named "---==%$$$OPEN_ME_UP$$$==---.txt" and files scrambled by FakeParadise have their original extensions changed. The ransomware appends either "_Kim ChinIm_ {ID string}.sev" or "_Support_{ID string}.FC" after the original file's extension. The infections reported have been primarily focused in China.

It's easy to assume that FakeParadise is a new variant of the Paradise ransomware - an older threat, but researchers discovered that FakeParadise both used C++ instead of C# and a different encryption method. Additionally, FakeParadise uses a different approach when it tried to delete volume shadow copies. Many versions of Paradise simply disable the shadow copy service without deleting the actual copies.

Victims of the FakeParadise ransomware might try the free Paradise ransomware decryption tool that has been released online. There is no guarantee that it will work, but it is still worth looking into.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.