Flyper Ransomware

A new ransomware infection called Flyper Ransomware has been detected recently by researchers specializing in cyber security. It has been given this name because it encrypts all personal files, including images, music files, and videos by adding the .flyper filename extension to all of them. Do not expect to unlock those files easily. To be frank, even the deletion of Flyper Ransomware from the system will not help you to gain access to them because this computer infection uses the RSA-2048 encryption method, which means that a private decryption key is necessary to unlock those files. The only people who have this key are cyber criminals who have developed Flyper Ransomware. Of course, they will offer you to buy the decryptor because their main goal is to obtain money from people. We cannot tell you what to do, but if you ask our opinion, we do not encourage you to send money to cyber criminals even though very important files have been encrypted and now have the .flyper filename extension. It is because we know that cyber criminals can fool you by taking the money you transfer to them and not sending you the decryptor in exchange. To be honest, there are many cases when users not only lose their files, but also hand in their money to cyber crooks. It might be impossible to unlock files without the private decryption key; however, we still suggest trying alternative file decryption methods, for example, you should get a free decryptor or a data recovery tool from the web and use it. You might find the one that works for you. If not, you should keep all those encrypted files in one place and do not delete them because the day when you could decrypt those files without paying money might come.

Flyper Ransomware does not try to hide its presence. After it finishes encrypting personal files, it immediately sets new Desktop wallpaper containing only one sentence: “You have been hacked!”. Also, you will see a new text file instruction.txt on Desktop. It contains information you need to know about the entire situation and the decryption of personal files. See an excerpt from this .txt file below:

Your personal files have been encrypted with strongest encryption RSA 2048 and unique key generated for this computer.

We present a decrypter software which allows to decrypt and return control to all your encrypted files.

We accept a payment with Bitcoin, there are many methods to get them.

At the end of this message, users are told to transfer 0.5 Bitcoin (~$310) to the provided Bitcoin address and then write an email to flyper01@sigaint.org. As you can see, the private key to decrypt files is quite expensive. Besides, nobody knows whether you will really receive it after making a payment. Of course, you can take a risk if you want to, but we do not encourage you to do that. You need to know that you do not even need to pay money if you have made a backup of your files before the entrance of this ransomware infection and still have it on a data storage device. No matter what you decide, you should remove this infection from your PC because it might strike again, and it is known that it keeps connecting to the Internet without permission periodically.

Ransomware is one of the most prevalent types of malware these days. There are hundreds of different ransomware infections developed by cyber criminals, e.g. KawaiiLocker Ransomware, Space_rangers@aol.com Ransomware, and Nullbyte Ransomware, and they might all enter your computer again if you are not cautious. According to researchers at pcthreat.com, ransomware infections might be dropped on computers by Trojans, or they might enter your PC if you open a spam email attachment. These are the main ransomware distribution methods cyber criminals employ; however, theoretically, these threats might find other ways to enter computers too. Therefore, our security specialists suggest being cautious and they recommend installing an effective security tool on the computer. One of the most effective tools on the market today is SpyHunter, so we suggest acquiring it if you want to feel safe 24/7/365.

Even though Flyper Ransomware is a really nasty computer infection, it should not be too hard for you to delete it because it does not make copies of its files and does not put them in different places on the computer. In other words, you will only need to remove the single file that belongs to the ransomware to get rid of it. If you need some help, please use our manual removal guide (scroll down to find it). What else you can do is to scan the computer with an automatic malware remover. Do not download and install the first tool you find on the web because there are so many unreliable scanners these days. They are often made to look trustworthy, but the truth is that they only pretend to be effective.

How to delete Flyper Ransomware manually

1. Open Explorer (Win+E).
2. Go to C:\Users\[your username]\Downloads and look for a malicious .exe file that belongs to the ransomware infection.
3. Delete it.
4. Empty the Recycle bin.