Fresh Ransomware

By GoldSparrow in Ransomware

Translate To:

The Fresh Ransomware is yet another representative of the ever-growing family of the Dharma Ransomware variants. The Fresh Ransomware shows little deviation for what is the standard Dharma Ransomware variants' behavior apart from the specific email addresses used by the hackers and the unique extension. Furthermore, as is the norm for threats spawned from Dharma, every encrypted file's name will be changed significantly. The Fresh Ransomware appends a string representing the ID assigned to the specific victim, the 'freshkart@420blaze.it' email address, and finally, the '.fresh' extension. Instructions to the victims are delivered both as a text file named 'FILES ENCRYPTED.txt' and in a pop-up window.

The text contains little useful information, besides one stating that users should contact the 'freshkart@420blaze.it' email. The message found in the pop-up window may be a bit lengthier, but it also lacks any meaningful details. No specific sum is mentioned, and neither is it specified if the money will need to be sent as Bitcoin or any other cryptocurrency.

While it may be difficult to remain calm after losing access to your private files or business-related projects stored on the affected computer suddenly, rushing to meet the cybercriminals' demands may not be the best response. There is nothing that can guarantee that they will honor their end of the bargain by sending decryption, too, that will restore the files successfully. Instead, the Fresh Ransomware victims should first use a professional anti-malware program to clean any traces of the threat from the compromised device and then look for an appropriate backup of the encrypted data.

The full text of the note displayed the Fresh Ransomware pop-up window is:

'YOUR FILES ARE ENCRYPTED

Don't worry,you can return all your files!

If you want to restore them, follow this link: email freshkart@420blaze.it YOUR ID -

If you have not been answered via the link within 12 hours, write to us by email:freshkart@420blaze.it

Attention!

Do not rename encrypted files.

Do not try to decrypt your data using third party software, it may cause permanent data loss.

Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'

The instructions in the text file are:

'all your data has been locked us

You want to return?

write email freshkart@420blaze.it or freshkart@420blaze.it.'

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Fresh Ransomware

Submit Comment

Related Posts

Totalfreshwords.com

Freshingclicks.com

Fresh-cleaner.site

Freshannouncement.com

Rdir.Fresh-Appz.com

Latestnews.fresherslive.com

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen