Multi-Device Licenses (Volume Discounts)

Change Region

English Português
Threat Database Ransomware Fxmwtv Ransomware

Fxmwtv Ransomware

By GoldSparrow in Ransomware
Translate To:
English

According to cybersecurity experts, the Fxmwtv Ransomware is a new ransomware threat that can be classified as part of the Snatch Ransomware family. Indeed, there is little that sets this ransomware threat from the other Snatch Ransomware variants apart from the unique extension it uses and the criminals' email addresses. This, however, doesn't mean that the Fxmwtv Ransomware is any less threatening.

Once inside the victim's computer, the Fxmwtv Ransomware uses strong encryption algorithms to 'lock' the user's files rendering them inaccessible. Every encrypted file will have '.fxmwtv' appended as a new extension. Users will lose the ability to open their private files that could contain sensitive and crucial information. To revert their data to normal, users have to possess the right decryption key, which is, unfortunately, only available to the hackers. That gives the criminals the leverage to demand payment, usually in Bitcoins, in exchange for the decryption key or tool.

The emails for contact with the hackers are provided in a ransom note that the malware drops as a text file named 'HOW TO RESTORE YOUR FILES.TXT.' The two addresses are Xilttbg@Tutanota.com and support911@cock.li.

The full text of the instructions left by the hackers is:

'Hello!

All your files are encrypted, write to me if you want to return your files - I can do it very quickly!

Contact me by email:

Xilttbg@Tutanota.com or support911@cock.li

The subject line must contain an encryption extension or the name of your company!

Do not rename encrypted files, you may lose them forever.

You may be a victim of fraud. Free decryption as a guarantee.

Send us up to 3 files for free decryption.

The total file size should be no more than 1 MB! (not in the archive), and the files should not contain valuable information. (databases, backups, large Excel spreadsheets, etc.)

!!! Do not turn off or restart the NAS equipment. This will lead to data loss !!!

To contact us, we recommend that you create an email address at protonmail.com or tutanota.com

Because gmail and other public email programs can block our messages!'

Trending

Most Viewed

Loading...