- Slow Computer
- System crashes
- Connects to the internet without permission
- Installs itself without permissions
- Can't be uninstalled via Control Panel
FileFrozr Ransomware is a malicious computer infection that can affect anyone out there. Its creators are not responsible for spreading the program around because the ransomware is available for sale at its official website. There, it is promoted as a “great security tool that encrypts most of your files in several minutes.” Of course, it could be a security tool if you wanted your data encrypted and protected against some espionage campaign, but the problem is that programs like FileFrozr Ransomware are used to extort money from individual computer users and corporations, as they desperately scramble to get their data back.
Perhaps normally people would expect malicious infections to hide in plain sight, but FileFrozr Ransomware does not even hide. It has an official homepage via frozlockqqxz7a2.onion.tk, and from there, you can find more promotional material on this program. For instance, it says that the program is “coded from scratch.” That would suggest that it is not based on any open source ransomware framework that is available out in the open. And since no public codes were used to create this program, the developers maintain that “this makes FILE FROZR fully undetectable.” The builders say that they have tested their program with several security applications, and “all builds are obfuscated at our servers.”
Now, it is rather questionable whether FileFrozr Ransomware really can avoid detection. For one, no sample of this infection was detected in the wild so far. That would suggest that no one has bought the program yet, and our research also shows that no payments have been made to the program’s Bitcoin wallet yet. This could mean that the builders are not successful at promoting their program, although we know for sure that a user under the Frozr username posts information on several hacking forums to attract new clients. So far, we have seen threads about the infection on hacksbb.net and sisnister.ly.
If anyone decides to buy this program, one can expect it to function just like any crypto-locker ransomware application out there. The builder suggests that FileFrozr Ransomware is available at a low price, and this claim is actually true. The current price of this program stands at 0.14 BTC, and that is no more than $150USD. It is actually rather surprising because when we deal with various ransomware infections, we notice that their usual ransom fees are usually around $200USD. Therefore, it is possible to say that FileFrozr Ransomware is rather cheap, and that is probably because its developers were expecting to sell a lot of copies over a short period of time.
It is still too early to say whether the marketing campaign for this ransomware program was a failure. However, seeing how security experts have not come across of any sample for this program, perhaps the sales and distribution do not go according to the plan. Of course, for regular users and even corporations, this is good news because it means that there are less malicious infections one should worry about. Although as long as the main homepage is up, there will always be a possibility that someone will buy the program and try to infect people.
After all, most of the features of the application seem to be rather attractive (if you are into cyber crime, of course). The promotional material says that FileFrozr Ransomware is undetectable while working, it supports the Tor browser, encrypts data using the AES-256 and RSA-4096 algorithms, and each file is encrypted with its own unique key. What’s more, FileFrozr Ransomware even offers a $50USD discount at the beginning of the sales period. But of course, there is no way to know whether this program lives up to its promises unless we buy a copy of this application or we come across a sample in the wild.
As far as regular computer users are concerned, they can always avoid the likes of FileFrozr Ransomware if they know the main ransomware distribution patterns. That would mean that users should not download and open attachments received from unknown senders. Closing websites that are full of annoying pop-ups would also be recommended, and you should download programs only from their official sources. Freeware downloads from file-sharing websites could also be responsible for ransomware distribution.
Should you have more questions about ransomware or FileFrozr Ransomware in particular, please do not hesitate to leave us a comment.