Fluffy-TAR Ransomware

The Fluffy-TAR Ransomware is a ransomware Trojan that receives its name because the Fluffy-TAR Ransomware includes a PNG file named 'fluffy.png' as part of its attack. This image is displayed on computers that have been compromised in the attack. This name, Fluffy-TAR, is also displayed in the TOR network portal where victims of the Fluffy-TAR Ransomware attack are instructed to carry out the ransom payment. Like most ransomware Trojans, the Fluffy-TAR Ransomware is designed to encrypt the victims' files and then demand the payment of a large ransom to recover the affected files. The files that have been compromised by the Fluffy-TAR Ransomware infection are marked with the file extension '.lock75,' which has directed some sources referring to the Fluffy-TAR Ransomware as the Lock75 Ransomware instead. It is possible that the Fluffy-TAR Ransomware is in progress currently, and its name may change during development.

The No Fluffy Consequences of the Fluffy-TAR Ransomware

The Fluffy-TAR Ransomware seems to target both French and English speakers, and its ransom note includes the option to display the ransom note in either language. Apart from the ransom amount, the Fluffy-TAR Ransomware ransom note also includes a countdown timer, which warns that the victim's files will be deleted after five days. After encrypting the victim's files, the Fluffy-TAR Ransomware displays a window named 'ATTENTION REQUIRED' with the following message:

'What's happening?
Oh no! Fluffy-TAR has encrypted some of your files! It means that they are not lost, but cannot be used until decrypted. They are 'locked', you could say. If you see a file which name ends with 'lock75', it means this file is encrypted. The process is easily reversible but requires a key.
What do I do?
To get your files back, you must buy the decryption key. This payment must be done in Bitcoins, a cryptographic currency. Bitcoin is becoming more and more accessible and nowadays, it is really easy to use Bitcoins.
See the online interface (button below) for a more detailed introduction to bitcoins. To get your files back, please send exactly (or more if you want) 0.039 Bitcoins to this address, BEFORE the countdown below ends:
[RANDOM CHARACTERS]
Uppercase/lowercase matter! Make sure you send to the right address! (you can scan the QR code to copy it)
After sending the payment, wait an hour then click the 'retrieve key automatically' button below. The software will then receive the key and decrypt ALL encrypted files. Without the key, it is impossible to decrypt your files.
Without the proper payment, it is impossible to get the key. When the countdown reaches zero, you will lose all encrypted documents.
Please note: if you have an antivirus, disable it now if you don't want to lose your data.'

The Fluffy-TAR Ransomware's payment website is located on the TOR network and requires the use of the TOR browser to access. However, victims of the attack don't have to use the payment portal to make the BitCoin payment necessarily. The Fluffy-TAR Ransomware payment is of 0.039 BitCoin (approximately $50 USD), which is quite a bit less than many similar threats. However, it is clear that the Fluffy-TAR Ransomware is a work in progress currently and the version active today is not fully functional.

Dealing with the Fluffy-TAR Ransomware

Fortunately, the current version of the Fluffy-TAR Ransomware is not capable of encrypting the victims' data. The Fluffy-TAR Ransomware does support the AES and RSA encryptions but simply does not carry out the attack. This is likely to change if the Fluffy-TAR Ransomware is a work in progress in development currently, along with the Fluffy-TAR Ransomware's name and other characteristics related to this attack. PC security analysts advise computer users to take precautions to ensure that their machines are well protected against the Fluffy-TAR Ransomware and other threats with similar attack strategies. The use of a reliable security program paired with strong backups of all files can help computer users be well protected from the Fluffy-TAR Ransomware and other ransomware Trojans.