FileIce Survey Lockscreen
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 100 % (High) |
| Infected Computers: | 1 |
| First Seen: | October 27, 2016 |
| Last Seen: | June 18, 2018 |
| OS(es) Affected: | Windows |
The FileIce Survey Lockscreen has caught the attention of PC security analysts. This is because the FileIce Survey Lockscreen carries out an attack that is in many respects unconventional. Rather than demanding that the victim pays a ransom by using cryptocurrency, as is common in these kinds of attacks, the FileIce Survey Lockscreen demands that the victim fills out online surveys as payment. This is a method that had been only observed in PUPs (Potentially Unwanted Programs), adware and browser hijackers – mostly low-level threats – but not in ransomware Trojans. Unlike other ransomware Trojans, the FileIce Survey Lockscreen can be removed with a reliable security program that is fully up-to-date without compromising the victim's data.
Table of Contents
The Lock Screen that Demands the Completion of a Survey
The FileIce Survey Lockscreen is designed to modify the infected computer's Registry, allowing the FileIce Survey Lockscreen to lock the screen and prevent computer users from accessing their data. When the victim's computer is infected, the FileIce Survey Lockscreen will prompt the victim to choose a survey to complete to regain access to the infected computer. However, completing one of these surveys does not guarantee that access will be restored to the infected computer. Unlike low- level threats commonly associated with these schemes, the FileIce Survey Lockscreen is delivered by using high-level threat techniques such as exploit kits, corrupted scripts and social engineering methods.
How the FileIce Survey Lockscreen Attack Works
Some PC security analysts would classify the FileIce Survey Lockscreen as ransomware, despite that the FileIce Survey Lockscreen does not ask for a ransom paid directly by the victim explicitly. However, the surveys that the FileIce Survey Lockscreen loads are a way to monetize these attacks, which was among the most popular monetization schemes several years before the appearance of the FileIce Survey Lockscreen. The FileIce Surveys are developed by FileIceLLC, located on the Fileice.net website. It seems that the developers of the FileIce Survey Lockscreen load surveys from this platform, abusing it to make money off of computer users infected by the FileIce Survey Lockscreen Trojan.
How the FileIce Survey Lockscreen’s Creators may Make Money from the FileIce Survey Lockscreen
Nobody likes to be coerced, and that's exactly what the FileIce Survey Lockscreen does in its attack, forcing computer users to complete marketing surveys to regain access to their computers. However, there's good news: the FileIce Survey Lockscreen does not encrypt or corrupt the victim's data (at least as of yet – it is likely that variants of the FileIce Survey Lockscreen with encryption or other more misleading tactics may make an appearance). One reason to believe that newer versions of the FileIce Survey Lockscreen will appear is that the FileIce Survey Lockscreen's code is still under development. The FileIce Survey Lockscreen will display the following text in its message to the victim:
'Please complete a quick offer to continue!
You will have your download in no time! Just complete any advertiser-sponsored offer below with your valid information, and the download will unlock.
Survey list
[links that lead to pop-up windows containing marketing surveys]'
The FileIce Survey Lockscreen includes ways to prevent computer users from bypassing the surveys. For example, the FileIce Survey Lockscreen will block keyboard shortcuts and limit the victim's access, making it impossible to bypass the FileIce Survey Lockscreen message without restarting the affected computer. Completing one of the FileIce Survey Lockscreen's surveys will not guarantee access to the infected computer.
Dealing with the FileIce Survey Lockscreen
Fortunately, dealing with the FileIce Survey Lockscreen is relatively simple. PC security analysts recommend that computer users use an alternate start-up method or Safe Mode to start up Windows without loading the FileIce Survey Lockscreen application. Once access is restored, a reliable security program should be able to remove the FileIce Survey Lockscreen.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.