Threat Database Ransomware FREDD Ransomware

FREDD Ransomware

By GoldSparrow in Ransomware

Malware experts have uncovered yet another new ransomware threat recently. They named it the FREDD Ransomware. When security researchers looked into it, it became evident that the FREDD Ransomware is a modified version of the widely known (in the world of cybersecurity) Dharma Ransomware.

The FREDD Ransomware is believed to be propagated by employing mass email campaigns, with emails containing an infected file mainly. The user is then tricked into opening the fraudulent file via various social engineering tactics. Other propagation methods may include fake update requests, as well as pirated software, which is infected with the file-encryption Trojan. When the FREDD Ransomware manages to get access to your computer, it will begin to cause havoc immediately. It would start by scanning your PC and select the files that it was programmed to target. With this being done, the FREDD Ransomware would get down to work with its main goal – locking your data. After the encryption process, the files affected will have changed names. This is because the FREDD Ransomware has its own extension, which upon encryption is added to the name of the file that was locked. The FREDD Ransomware would alter the original name of your file using the pattern '.id-.[].FREDD' where the 'Victim ID' stands for the uniquely generated ID for every user who falls prey to FREDD Ransomware. Then comes the dropping of the ransom note. The name of the FREDD Ransomware's ransom note is not available currently, but it might be 'Info.hta,' 'HELP.txt,' or 'FILES ENCRYPTED.txt' since they are commonly used by members of the Dharma Ransomware family. However, it is known that the authors of FREDD Ransomware have put forward an email address where they are to be contacted by the victim for further instructions –

We do not recommend you get in contact with cyber crooks. They are not reliable and will likely trick you into giving them cash while promising to provide you with a decryption tool, which they often do not bother to give you or do not have available at all. It is advisable that you install a genuine anti-spyware suite and clear your computer of this file-locking Trojan. Then, you may try to recover some of the lost data by employing a file-recovery tool.

Related Posts


Most Viewed