Fartplz Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 80 % (High)
Infected Computers: 66
First Seen: May 18, 2017
Last Seen: November 20, 2022
OS(es) Affected: Windows

The Fartplz Ransomware is a ransomware Trojan that was first observed in May 2017. It is designed to target government offices, small and medium-sized businesses, and similar targets rather than individual computer users. The Fartplz Ransomware is distributed mostly through phishing emails that target a specific company. These emails are disguised as a resume, an invoice, a package delivery confirmation, or a similar social engineering lure, and are designed to trick victims into opening a corrupted email attachment. The attachments used to deliver the Fartplz Ransomware take the form of Microsoft Office documents with macros enabled. A corrupted macro script connects to a remote server, then downloads and installs the Fartplz Ransomware on the victim's computer.

The Ransomware with a Silly Name but Serious Effects

The Fartplz Ransomware carries out a typical ransomware attack: it encrypts the victims' files and then demands a large payment, supposedly in exchange for the decryption key required to recover the affected files. The Fartplz Ransomware scans the victim's computer in search of certain file types, generally targeting user-generated files such as text documents, audio and video files, images, etc. Using a combination of AES and RSA encryption, the Fartplz Ransomware makes the victim's data inaccessible, taking it hostage until the ransom is paid. The Fartplz Ransomware has received some attention from PC security researchers because of the infantile sense of humor associated with the attack. It receives its name from the file extension '.fartplz', which it appends to the end of each affected file's name. The Fartplz Ransomware also drops an HTML document named 'ReadME_Decrypt_Help_[RANDOM NUMBER].html' on the infected computer's desktop. This document alerts the victim to the attack and explains the ransom payment procedure. The following is the full text of the Fartplz Ransomware ransom note:

'What happened to your files?
All your files locked and protected by a strong encryption with RSA-2048 and AES-256 ciphers.
More information about the RSA and AES can be found here:
[LINKS TO ARTICLES ON WIKIPEDIA]
In summery you can't read or work with your files.But with our help you can recover them.
It is not possible to recover your files without private key and our unlocking software.
How to get private key or unlocking software?
You must pay (.5 Bitcoin per affected computers) OR (30 for all affected computers)
Our Bitcoin wallet is available in our site.
How to Access Our Site?
[INSTRUCTIONS ON HOW TO INSTALL AND RUN TOR BROWSER]'

Dealing with the Fartplz Ransomware Infection

30 Bitcoin, approximately $55000 USD, is an extremely high price for the Fartplz Ransomware attack, which makes it clear that the Fartplz Ransomware is targeting corporations and attempting to infect entire networks rather than individual computers. Because of this, ensure that your data and computers are well protected from these attacks. Fortunately, it is relatively simple to keep your data safe. Having file backups or disk image backups on an external, offline memory device or in the cloud can make attacks like the Fartplz Ransomware ineffective. If computer users can recover their data quickly by simply restoring it from a backup copy, then the people responsible for the Fartplz Ransomware attack lose the leverage that allows them to demand a ransom payment from the victim. Apart from having file backups, it is also essential to take precautions that prevent the Fartplz Ransomware from entering in the first place. Since the main distribution technique associated with the Fartplz Ransomware is the use of corrupted spam email attachments, PC security analysts strongly advise computer users to become educated on how to handle emails and online content safely. It is also advisable to have a reliable security program that is fully up-to-date so as to intercept and remove any potential threat.
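
The two file-name indicators described above (the '.fartplz' extension and the 'ReadME_Decrypt_Help_[RANDOM NUMBER].html' note) can be used to scope an incident and build a restore-from-backup list. The following is an added example, not code from this page's author; it assumes that [RANDOM NUMBER] consists of decimal digits and matches names case-insensitively, and its function names and sample tree are constructed for illustration.

```python
import os
import re
import tempfile
from pathlib import Path

ENCRYPTED_SUFFIX = ".fartplz"  # extension named on this page
# Note name from this page; "[RANDOM NUMBER]" is assumed to be decimal digits.
NOTE_RE = re.compile(r"^ReadME_Decrypt_Help_\d+\.html$", re.IGNORECASE)


def triage(root):
    """Walk root; return (encrypted paths, ransom notes, original paths to restore)."""
    encrypted, notes, restore = [], [], []
    # Unreadable directories are skipped instead of aborting the scan.
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            path = Path(dirpath) / name
            if name.lower().endswith(ENCRYPTED_SUFFIX) and len(name) > len(ENCRYPTED_SUFFIX):
                encrypted.append(path)
                # The extension is appended, so stripping it gives the original name.
                restore.append(path.with_name(name[: -len(ENCRYPTED_SUFFIX)]))
            elif NOTE_RE.match(name):
                notes.append(path)
    return sorted(encrypted), sorted(notes), sorted(restore)


def affected_dirs(encrypted):
    """Count encrypted files per directory to show how far the damage spread."""
    counts = {}
    for p in encrypted:
        counts[str(p.parent)] = counts.get(str(p.parent), 0) + 1
    return counts


def build_sample_tree(base):
    """Constructed sample tree (empty files, names only) for an offline run."""
    for rel in ("Desktop/ReadME_Decrypt_Help_48213.html",
                "Documents/budget.xlsx.fartplz", "Documents/report.docx.fartplz",
                "Documents/notes.txt", "Pictures/team.jpg.fartplz"):
        p = Path(base) / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.touch()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        enc, found_notes, to_restore = triage(tmp)
        print(f"{len(enc)} encrypted file(s), {len(found_notes)} ransom note(s)")
        print("per directory:", affected_dirs(enc))
        print("restore from backup:", [str(p) for p in to_restore])
```

Run against a mounted copy or file-share path, the restore list gives the original file names to pull from the offline or cloud backup.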
