Fartplz Ransomware

Fartplz Ransomware Description

The Fartplz Ransomware is a ransomware Trojan that was first observed in May 2017. The Fartplz Ransomware is designed to target government offices, small and medium-sized businesses, and similar targets (rather than individual computer users). The Fartplz Ransomware is mostly being distributed through the use of phishing emails that target a specific company, and are designed to trick the victims into opening a corrupted email attachment by disguising the email as a resume, an invoice, a package delivery confirmation, or with a similar social engineering tactics. The email attachments used to deliver the Fartplz Ransomware will take the form of Microsoft Office documents with macros enabled. A corrupted macro script connects to a remote server and downloads and installs the Fartplz Ransomware onto the victim's computer.

The Ransomware with a Silly Name but Serious Effects

The Fartplz Ransomware carries out a typical ransomware attack, encrypting the victims' files and then demanding a large payment so that they supposedly will get the decryption key required to recover the affected files. The Fartplz Ransomware will scan the victim's computer in search for certain file types, generally targeting user generated files such as text documents, audio and video files, images, etc. Using a combination of the AES and RSA encryptions, the Fartplz Ransomware will make the victim's data inaccessible, taking it hostage until the ransom is paid. The Fartplz Ransomware has received some attention from PC security researchers because of the infantile sense of humor associated with the attack. The Fartplz Ransomware receives its name because it appends the file extension '.fartplz' to the end of each affected file's name. The Fartplz Ransomware will drop an HTML document on the infected computer. This HTML document, named 'ReadME_Decrypt_Help_[RANDOM NUMBER].html' will be placed on the infected computer's desktop and alerts the victim of the attack and explains the ransom payment procedure. The following is the full text of the Fartplz Ransomware ransom note:

'What happened to your files?
All your files locked and protected by a strong encryption with RSA-2048 and AES-256 ciphers.
More information about the RSA and AES can be found here:
In summery you can't read or work with your files.But with our help you can recover them.
It is not possible to recover your files without private key and our unlocking software.
How to get private key or unlocking software?
You must pay (.5 Bitcoin per affected computers) OR (30 for all affected computers)
Our Bitcoin wallet is available in our site.
How to Access Our Site?

Dealing with the Fartplz Ransomware Infection

30 Bitcoin, approximate $55000 USD, is an extremely high price for the Fartplz Ransomware attack, meaning that it is clear that the Fartplz Ransomware seems to be targeting corporations and attempting to infect entire networks rather than individual computers. Because of this, ensure that your data and computers are well protected from these attacks. Fortunately, it is relatively simple to ensure that your data is safe. Having file backups or disk image backups on an external, offline memory device, or the cloud can make attacks like the Fartplz Ransomware ineffective. If computer users can recover their data quickly by simply restoring it from a backup copy, then the people responsible for the Fartplz Ransomware attack lose all the power that allows them to require a ransom payment from the victim. Apart from having file backups, it is also essential to take precautions to prevent the Fartplz Ransomware from entering in the first place. Since the main distribution technique associated with the Fartplz Ransomware is the use of corrupted spam email attachments, PC security analysts strongly advise computer users to become educated on how to handle emails and online content safely. It is also recommendable to have a reliable security program that is fully up-to-date so as to intercept and remove any potential threat.

Infected with Fartplz Ransomware? Scan Your PC

Download SpyHunter's Spyware Scanner
to Detect Fartplz Ransomware
* SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Site Disclaimer

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 9 + 3 ?