Freshdesk Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 80 % (High)
Infected Computers: 664
First Seen: May 12, 2017
Last Seen: May 8, 2023
OS(es) Affected: Windows

The Freshdesk Ransomware is a file encoder Trojan that is not connected to the legitimate Freshdesk help desk ticketing system maintained by Freshdesk Inc. The malware authors used the name 'Freshdesk' in a ransom note delivered to users infected with their Trojan. The Freshdesk Ransomware is programmed to encode data on the compromised system and display a message that includes the statement 'Help Desk software by Freshdesk'. The note is intended to look like a professional access panel to decryption services available to users infected with the Freshdesk Ransomware. Evidently, the authors of the Freshdesk Ransomware like the operation of the Spora Ransomware campaign, which gained popularity for its victim-friendly support staff, who communicate in the same fashion as a legitimate computer support agent would.

As you can imagine, the expansion of the ransomware market may be the reason why the supporters of the Freshdesk Ransomware wish to distinguish their business from others like the 'Grapn206@india.com' Ransomware, which leave a single email address for contact and await payment. PC users who are affected by the Freshdesk Ransomware might find that the Trojan has corrupted data containers that are associated with photos, audio, video, presentations, spreadsheets and databases. The Freshdesk Ransomware is aimed at regular users, and you might encounter the payload in spam emails. The threat is classified as a mid-tier crypto-threat, which is designed to use a combination of the RSA and AES ciphers to handle the encoding procedure.

Objects that are processed by the Trojan are represented by Windows Explorer as white icons and include the '.www' extension in the filename. For example, 'Bullet ant.pptx' is renamed to 'Bullet ant.pptx.wwww'. The ransom alert is presented in a new tab inside the default Internet browser. The address bar might point to 'restore_files.html', which is dropped to the Downloads directory and offers the following message:

'Your files are Encrypted!
For data recovery needs decryptor.
To buy the decryptor, you must pay the cost of: 0.5 Bitcoin

Free decryption as guarantee.
Before paying you can send us 1 file for free decryption.
To send a message or file use this form:
Message or File
[TEXT BOX FOR EMAIL ADDRESS]
[TEXT BOX FOR SUBJECT LINE]
[TEXT BOX FOR MESSAGE]


Help Desk software by
Freshdesk
Privacy Policy'
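
The file-system indicators described above (the appended extension and the 'restore_files.html' note) can be checked on a host with the following triage script. It is an added example, not part of the original write-up: the function names, the two marker phrases picked from the quoted message, and the assumption that those phrases appear as visible text in the note's HTML are all assumptions.

```python
import os
import re
import sys
from pathlib import Path

# Indicators from the write-up. It gives the appended extension as '.www' in
# the text and '.wwww' in its example, so both spellings are matched. A normal
# extension must precede it, so a lone 'site.www' is not flagged.
RENAMED = re.compile(r"^.+\.[A-Za-z0-9]{1,5}\.w{3,4}$", re.IGNORECASE)
NOTE_NAME = "restore_files.html"
# Phrases quoted from the ransom message; assumed to survive in the HTML text.
NOTE_MARKERS = ("your files are encrypted", "help desk software by")


def looks_like_note(path, limit=64 * 1024):
    """True if the file's visible text contains every quoted note phrase."""
    try:
        raw = Path(path).read_bytes()[:limit]
    except OSError:
        return False  # unreadable file: cannot confirm, do not report
    # Drop tags and collapse whitespace so markup between words is ignored.
    text = re.sub(r"<[^>]+>", " ", raw.decode("utf-8", errors="ignore"))
    text = " ".join(text.lower().split())
    return all(marker in text for marker in NOTE_MARKERS)


def scan(root):
    """Walk root; return (renamed_files, ransom_notes) as sorted path lists."""
    renamed, notes = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if RENAMED.match(name):
                renamed.append(path)
            elif name.lower() == NOTE_NAME and looks_like_note(path):
                notes.append(path)
    return sorted(renamed), sorted(notes)


if __name__ == "__main__":
    # Usage: python triage.py <directory>  (defaults to the user's home)
    target = sys.argv[1] if len(sys.argv) > 1 else str(Path.home())
    renamed, notes = scan(target)
    for p in notes:
        print("ransom note:", p)
    for p in renamed:
        print("renamed file:", p)
    print(f"{len(renamed)} renamed file(s), {len(notes)} note(s) under {target}")
```

A hit on either indicator is a reason to isolate the machine and investigate, not proof of infection; the script only reads file names and the note's text and changes nothing.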

We have received reports that the managers of the Freshdesk Ransomware are as greedy as those behind the R980 Ransomware and ask for 0.5 Bitcoin to be transferred to their wallet address. At the time of writing, 0.5 Bitcoin equals 898 USD or 822 EUR, and some users may be willing to pay the fee. Before doing so, you may want to ask yourself whether it is a good idea to fund the continuous development of the Freshdesk Ransomware and then have to fear the next version, which is likely to follow the initial release of the Trojan on your PC. It is smarter to purge the Freshdesk Ransomware with the help of a reputable anti-malware scanner and restore your data from archives and backups. Cyber security experts remind users that the best protection against data corruption and accidental loss of data is to have backups on a remote drive.
