Fucku Ransomware

The Fucku Ransomware is an encryption ransomware Trojan that marks the files encrypted by its attack with the file extension '.fucku,' added to the end of each affected file. These threats work by making the victim's files inaccessible by encrypting them using a strong encryption method. The Fucku Ransomware will demand a ransom payment of 500 USD to restore the victim's files. Like most encryption ransomware Trojans, the victim is urged to carry out the payment using Bitcoins, since this cryptocurrency allows users to submit and receive anonymous payments online. The Fucku Ransomware is spread most commonly through the use of corrupted email attachments delivered via spam email messages, which use social engineering techniques to trick the computer users into believing that their contents are legitimate.

The Well-Known Attack of the Fucku Ransomware Trojan

The Fucku Ransomware is delivered by email messages that seem to come from a legitimate source, such as a shipping company like FedEx and DHL, or an online source such as Amazon, PayPal or Facebook. Once the Fucku Ransomware has been installed, it will modify the affected computer to ensure that the Fucku Ransomware starts up automatically along with the Windows operating system. The Fucku Ransomware carries out its attack by using a strong encryption method to make all of the victim's files inaccessible.

The Fucku Ransomware will deliver a ransom note that is written in English and Russian (with multiple grammar and spelling mistakes) as long as the targeted files become enciphered. The Fucku Ransomware's ransom note, which is contained in a text file named 'recover_your_files.txt,' contains the following text:

ALL YOUR FILES WERE COMPLETED.
ORDER, TO RESTORE THIS FILE, YOU MUST SEND $ 500 BTC AT THIS ADDRESS
1JvV3dvGmP6HTxQ6Ea1hoEutkFbJeahFiZ
AFTER PAYMENT SENT EMAIL nullforwarding@qualityservice.com
FOR INSTALLATION FOR DECRIPT

ВСЕ ВАШИ ФАЙЛЫ БЫЛИ ЗАВЕРШЕНЫ.
ЗАКАЗАТЬ, ЧТОБЫ ВОССТАНОВИТЬ ЭТИ ФАЙЛ, ВЫ ДОЛЖНЫ ОТПРАВИТЬ $ 500 В БТД НА ЭТОТ АДРЕС
1JvV3dvGmP6HTxQ6Ea1hoEutkFbJeahFiZ
ПОСЛЕ ПЛАТЕЖА ОТПРАВЛЕНА EMAIL nullforwarding@qualityservice.com
ДЛЯ УСТАНОВКИ ДЛЯ ДЕКРИПТА'

The email address associated with the Fucku Ransomware also will appear along with the following ransom message:

'What happened to your files?
All of your important files have been encrypted with a powerful cryptography algorithm.
Attention: Don't rename or edit encrypted files because it will be impossible to decrypt your files!
Step l: You must send us $506 worth of Bitocins for each affected PC OR $2069 worth of Bitocins to receive ALL Private Keys for ALL affected PCs.
Step 2: After you send us the coins. Email – nullforwardingfiqualityservice.com with your 'Computer name.'
Example: My Computer name is: 001151
Step3: We will reply to your email with a link to the key & decryption software.
You should run it on your affected PC and all encrypted files will be recovered.
Our Bitcoin address: 13wNijcKiBEg8xZwHthcLZtRmrtyTBxDB
What is Bitcoin?
Bitcoin is an innovative payment network and a new kind of money.
You can create a Bitcoin account at https://blockchain.info/ and deposit some money into your account and then send to us.
How to buy Bitcoin?'

The Fucku Ransomware will encrypt a variety of file types in its attack, including the following:

PNG .PSD .PSPIMAGE .TGA .THM .TIF .TIFF .YUV .AI .EPS .PS .SVG .INDD .PCT .PDF .XLR .XLS .XLSX .ACCDB .DB .DBF .MDB .PDB .SQL .APK .APP .BAT .CGI .COM .EXE .GADGET .JAR .PIF .WSF .DEM .GAM .NES .ROM .SAV CAD Files .DWG .DXF GIS Files .GPX .KML .KMZ .ASP .ASPX .CER .CFM .CSR .CSS .HTM .HTML .JS .JSP .PHP .RSS .XHTML. DOC .DOCX .LOG .MSG .ODT .PAGES .RTF .TEX .TXT .WPD .WPS .CSV .DAT .GED .KEY .KEYCHAIN .PPS .PPT .PPTX ..INI .PRF Encoded Files .HQX .MIM .UUE .7Z .CBR .DEB .GZ .PKG .RAR .RPM .SITX .TAR.GZ .ZIP .ZIPX .BIN .CUE .DMG .ISO .MDF .TOAST .VCD SDF .TAR .TAX2014 .TAX2015 .VCF .XML Audio Files .AIF .IFF .M3U .M4A .MID .MP3 .MPA .WAV .WMA Video Files .3G2 .3GP .ASF .AVI .FLV .M4V .MOV .MP4 .MPG .RM .SRT .SWF .VOB .WMV 3D .3DM .3DS .MAX .OBJ R.BMP .DDS .GIF .JPG ..CRX .PLUGIN .FNT .FON .OTF .TTF .CAB .CPL .CUR .DESKTHEMEPACK .DLL .DMP .DRV .ICNS .ICO .LNK .SYS .CFG

Protecting Your Data from the Fucku Ransomware

Contacting the people responsible for the Fucku Ransomware attack is vehemently rejected by security experts. File backups can ensure that your data is protected. Also, a security program that is fully up-to-date should be used to protect your computer from future threat attacks.