Foty Ransomware
Analysis of the Foty Ransomware has revealed that it encrypts data and appends the '.foty' extension to the filenames of the affected files. The threat creates a ransom note in the form of a '_readme.txt' file. Examples of the changes that Foty makes to the original file names include modifying '1.jpg' to '1.jpg.foty,' '2.png' to '2.png.foty.' and so on. Additionally, it is worth noting that the Foty Ransomware is part of the infamous STOP/Djvu Ransomware family. Victims of such threats should be aware that cybercriminals often deploy additional malware alongside the STOP/Djvu Ransomware. These additional threats are likely to be infostealing tools such as RedLine or Vidar.
Table of Contents
The Foty Ransomware Locks Numerous File Types and Deamnds Money from the Victims
When a computer is first infected with the Foty Ransomware, the malware will perform a thorough scan of the machine in search of specific file types such as images, videos, and important productivity documents and files such as .doc, .docx, .xls, and .pdf. Once the ransomware has detected these files, it will proceed to encrypt them, making them inaccessible to the user.
Once the Foty Ransomware has completed the encryption process, it will display a ransom note with demands from the threat actors. This note contains instructions on how victims can contact the malware developers for further instructions on how to pay the ransom. Victims are urged to message the developers via the email addresses 'support@fishmail.top' and 'datarestorehelp@airmail.cc.' Victims who contact the attackers via email within 72 hours are offered a discounted rate of $490 for the decryption software. However, if they fail to do so, they will be required to pay the full price of $980.
Users Should Protect Their Devices and Data from Ransomware Attacks
Protecting devices and data from ransomware threats is a multi-layered process that involves several measures to prevent infections and minimize the damage caused in the event of an attack. One essential step is to maintain regular backups of all important data and files, both locally and in a secure cloud-based storage solution. This will allow users to restore their data if it is lost or encrypted during an attack.
Users should also be extra attentive when clicking on links or opening email attachments from unknown or suspicious sources, as many ransomware attacks are spread through phishing emails. It also is essential to keep all software and security applications updated with the latest security patches and upgrades to prevent vulnerabilities that could be exploited by attackers.
Implementing strong password policies and enabling two-factor authentication can also help protect against ransomware attacks. Additionally, using anti-malware software and firewalls can provide an additional layer of protection against potential threats. Regularly scanning systems for vulnerabilities and monitoring network traffic can also help identify and prevent ransomware infections.
In summary, preventing ransomware attacks involves:
- Being vigilant.
- Practicing good cyber hygiene.
- Staying up-to-date with security measures.
- Taking a multi-layered approach to protect data and devices against potential threats.
The ransom note dropped onto the devices breached by the Foty Ransomware is:
'ATTENTION!Don’t worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://we.tl/t-oTIha7SI4s
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that’s price for you is $490.
Please note that you’ll never restore your data without payment.
Check your e-mail “Spam” or “Junk” folder if you don’t get answer more than 6 hours.To get this software you need write on our e-mail:
support@fishmail.topReserve e-mail address to contact us:
datarestorehelp@airmail.cc'
Foty Ransomware Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
