Fun Ransomware

Researchers found the Fun Ransomware while inspecting possible malware threats. Ransomware threats are designed to encrypt the data on the compromised devices and demand ransom for the decryption of the files from the impacted individuals or organizations.

The Fun Ransomware follows that pattern by locking files and altering the original filenames. The file names are appended with a '.funny' extension. For example, a file initially named '1.doc' will then appear as '1.doc.funny,' '2.png' as '2.png.funny,' and so on for all of the compromised files. After completing its encryption process, the Fun Ransomware also changes the desktop wallpaper of the device and creates a ransom note titled 'readme.txt.'

The Fun Ransomware Can Cause Significant Damage to Infected Systems

The ransom note associated with the Fun Ransomware asserts that the encrypted files have undergone encryption using robust cryptographic algorithms, specifically RSA-2048 and AES-256. To regain access to the locked files, victims are instructed to make a ransom payment in Bitcoin cryptocurrency. The exact amount of the ransom is contingent upon the size and value of the affected data, particularly tailored to the scale of the victim company. A stipulated time frame of three days is given to the victim for the payment. Failure to comply within this period results in the permanence of file inaccessibility, with the added consequence of the collected content being sold on the Dark Web.

The decryption of the files is typically deemed unattainable without the intervention of the cybercriminals. Despite meeting ransom demands, victims often do not receive the necessary keys or tools to decrypt their data. Consequently, paying the ransom is strongly discouraged, as there is no guarantee of file recovery, and such payments inadvertently contribute to the criminal activities of the attackers.

It is important to note that while removing the Fun Ransomware from the operating system prevents further encryption of files, it does not facilitate the restoration of data already encrypted by the ransomware. Therefore, adopting preventive measures and seeking alternative methods for file recovery are recommended over succumbing to ransom demands.

Take a Decisive Security Approach to Protect Your Devices and Data

Taking a decisive security approach to protect devices and data involves implementing a comprehensive set of practices and measures to safeguard against various cyber threats. Here are key steps users can take:

• Keep Software Updated:
• Regularly update operating systems, anti-malware software and applications. Software updates typically include security patches to address known or potential vulnerabilities, making it harder for cybercriminals to exploit weaknesses.
•  Use Strong and Unique Passwords:
• Employ unique passwords for each of your accounts. It is strongly recommended to utilize a combination of letters, numbers, and special characters. Also, you may wish to consider using a professional password manager to generate and store complex passwords securely.
•  Be Careful with Emails and Links:
• When receiving emails, especially from unknown or suspicious sources, it is crucial to be cautious. Try not to access links or download attachments from untrusted emails, as they may contain malware or phishing attempts.
•  Install and Update Security Software:
• Install reputable anti-malware software on devices. These security tools should be kept up to date so they can detect and remove the latest threats.
•  Backup Data Regularly:
• Regularly back up important data to an external device or a secure cloud service. In the event of a ransomware attack or hardware failure, having up-to-date backups ensures the ability to restore essential files.
•  Use a Virtual Private Network (VPN):
• Employ a VPN, especially when accessing public Wi-Fi networks. A VPN encrypts Internet traffic, enhancing privacy and protecting against potential eavesdropping by fraud-related actors.
•  Educate Yourself About Cyber Threats:
• Stay abreast of the newest cybersecurity threats and techniques used by cybercriminals. Awareness can help users recognize potential risks and take proactive measures to mitigate them.

By proactively implementing these measures, users can significantly enhance the security of their devices and data, lessening the risk of falling victim to cyber threats.

The ransom note left on devices compromised by the Fun Ransomware is:

'You became victim of fun ransomware!
Your files have been encrypted using RSA-2048 and AES-256 ciphers, wich means you cannot acces them anymore.
You can read arcticles about encryptions here:
hxxps://wikipedia.org/wiki/RSA_(cryptosystem)
hxxps://wikipedia.org/wiki/Advanced_Encryption_Standard
How do i get my files back?
In order to get you files back you have to purchase or personal decryptions software, the prices waries on data value and company size.
How do i pay?
We ONLY accept bitcoin payment. The address is seen below, if you do not know how to buy bitcoin go look on it on the internet.
What happens if i dont pay?
You have 3 days to fullfil the payment if you do not pay untill this time you will never be able to recover you files again, additionaly all your personal information and files will be sold on the dark web.
Price negotiation contact: jshza78wfawjfawffa@proton.me
Bitcoin adress: 17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV

The message shown as a desktop background is:

YOUR FILES HAVE BEEN ENCRYPTED
OPEN READ ME.TXT FOR INSTRUCTIONS.'