
FBLocker Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 1
First Seen: May 24, 2018
Last Seen: July 13, 2018
OS(es) Affected: Windows

The FBLocker Ransomware is an encryption ransomware Trojan. The criminals responsible for the FBLocker Ransomware have no intention of helping victims recover the affected files, so the FBLocker Ransomware effectively functions as a data wiper: the files it encrypts in its attacks become unrecoverable. This makes it necessary to take precautions against the FBLocker Ransomware and similar threats.

The FBLocker Ransomware's Intent is to Attack Facebook

Most encryption ransomware Trojans use a strong encryption algorithm to make the victim's files inaccessible so that the attackers have grounds to demand a ransom payment in exchange for the decryption key. However, the FBLocker Ransomware does not save the keys used to encrypt the victim's files, which causes these files to become unrecoverable once encrypted. The FBLocker Ransomware seems to have been created to express dissatisfaction with new Facebook policies. The FBLocker Ransomware encrypts the victim's files and then delivers a message to the victim. The FBLocker Ransomware targets the same user-generated file types as most encryption ransomware Trojans do in their attacks. Below are some of the file types that the FBLocker Ransomware and similar threats will encrypt:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.

Once the FBLocker Ransomware has made the victim's files inaccessible, the FBLocker Ransomware delivers a message to the victim in a full-screen window. This is where most encryption ransomware Trojans deliver their ransom demands, to ask for a payment. The FBLocker Ransomware, instead, delivers the following message, which includes a photo of Mark Zuckerberg, founder and creator of Facebook:

'What Happened to My Computer?
Your important files are encrypted. Many of your documents, photos, videos, databases and other files are no longer accessible because they have been encrypted. Do not waste your time looking for a way to recover your files. Nobody can recover your files.

Can I Recover My Files?
No. My name is Mark Zuckerberg, and I have encrypted your files without saving any encryption keys. I appreciate you executing my program because you have allowed me to ruin more lives.
'A squirrel dying in front of your house may be more relevant to your interests right now than people dying in Africa.'

The FBLocker Ransomware adds the file extension '.facebook' to the affected file's name, which makes it very easy to recognize which files were enciphered by the attack.

Dealing with the FBLocker Ransomware Trojan

The FBLocker Ransomware connects to the IP address 93.184.221.240 to report any successful attacks. The FBLocker Ransomware targets computers running Windows or Android devices. Since the FBLocker Ransomware makes the files it encrypts unrecoverable, precautionary measures are a must for computer users who want to keep their data safe. The best protection against threats like the FBLocker Ransomware is to have file backups on portable drives. The combination of file backups and an updated security product can help computer users prevent attacks like the FBLocker Ransomware and, most importantly, recover any files that could become compromised in the event of an infection. The FBLocker Ransomware may be spread to victims in many ways. The most common delivery methods for threats like this are spam email attachments and spammed links sent via instant messaging and Facebook. Being able to recognize and avoid these tactics is essential in preventing attacks like the FBLocker Ransomware.
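Because affected files carry the '.facebook' extension and backups are the only route to recovery, a first triage step is to inventory the marked files and check which ones have a backup copy. The script below is an added example, not part of the original article or any vendor tool; it assumes the marker is appended to the unchanged original file name and that the backup drive mirrors the scanned folder layout, and the function names and sample tree are constructed for illustration.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

MARKER = ".facebook"  # extension the article says is added to affected files


def plan_restore(scan_root, backup_root):
    """Split affected files into (restorable, missing) by checking the backup.

    Assumes the marker is appended to the unchanged original name and that
    backup_root mirrors the directory layout of scan_root.
    """
    scan_root, backup_root = Path(scan_root), Path(backup_root)
    restorable, missing = [], []
    for dirpath, _dirs, files in os.walk(scan_root):
        for name in files:
            # Skip unaffected files and a file named exactly ".facebook".
            if not name.lower().endswith(MARKER) or len(name) == len(MARKER):
                continue
            encrypted = Path(dirpath) / name
            original = encrypted.with_name(name[: -len(MARKER)])
            backup_copy = backup_root / original.relative_to(scan_root)
            if backup_copy.is_file():
                restorable.append((encrypted, backup_copy))
            else:
                missing.append(encrypted)
    return sorted(restorable), sorted(missing)


def missing_by_type(missing):
    """Count affected files without a backup, grouped by original extension."""
    return Counter(Path(p.name[: -len(MARKER)]).suffix.lower() for p in missing)


if __name__ == "__main__":
    # Constructed sample tree: two affected files, one of them backed up.
    with tempfile.TemporaryDirectory() as tmp:
        live, backup = Path(tmp, "live"), Path(tmp, "backup")
        (live / "docs").mkdir(parents=True)
        (backup / "docs").mkdir(parents=True)
        (live / "docs" / "report.docx.facebook").write_bytes(b"x")
        (live / "docs" / "notes.txt.facebook").write_bytes(b"x")
        (live / "docs" / "clean.pdf").write_bytes(b"x")
        (backup / "docs" / "report.docx").write_bytes(b"ok")
        ok, lost = plan_restore(live, backup)
        print(len(ok), "restorable;", dict(missing_by_type(lost)))
```

Run it against a mounted copy or image of the affected disk rather than the live system, and copy restorable files from the backup only after the infection has been removed.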
