1 of 2
Danger level 7
Type: Trojans
Common infection symptoms:
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

BlackFeather Ransomware

BlackFeather Ransomware is a nasty computer infection that always enters computers without permission. You can be ready for trouble if it ever finds a way to enter your computer. Researchers at pcthreat.com have noticed that BlackFeather Ransomware is a file-encrypting infection that targets the most valuable personal files. It encrypts them to be able to ask users to pay money for the decryption tool. To be frank, researchers have not found it surprising at all that this threat acts the way it does because it has become immediately clear for them that BlackFeather Ransomware is based on the code of Hidden-Tear, which is available on the web. Even though the source code of Hidden-Tear has been made public for educational purposes, BlackFeather Ransomware is definitely not going to act peacefully. Cyber criminals behind this infection know what they want – your money. You should not transfer money to cyber criminals even though you need the decryptor badly because a free tool for the decryption of files should be developed by specialists soon. Also, you do not even need to have the special tool to recover your files if you have their copies on an external device.

If BlackFeather Ransomware ever sneaks onto your computer and encrypts your files, we are sure that it will not take long for you to understand that your documents, images, videos, and other valuable material are all locked because a new filename extension .blackfeather will be attached to each of your files. In addition, you will see a new file (BLACK_FEATHER.txt) that you have not created yourself on Desktop. It does not tell users much. They are only informed that they need to pay 0.3 BTC (approximately $182) for the decryption tool:

This is a backup of the deposit address.

Send 0.3 BTC to decrypt your files

Validate payment in the program.


Once the decryption process is finished, a window with a similar message might be opened too. It says that “all of your files have been encrypted with a secure 256-hit HASH” and also informs that the only way to gain full access to those files is to pay the required money. You already know our opinion – we suggest that you do not transfer money to them. As we have told you, you can recover them easily after the BlackFeather Ransomware removal if you have a backup. If not, we suggest removing the ransomware and waiting for the decryptor to be developed. A free tool should be released soon, so do not delete those encrypted files.

Unlike other ransomware infections, BlackFeather Ransomware connects to the Internet, but specialists have noticed that it does not send any information to its C&C server. This suggests that it does not store keys that can unlock files anywhere either. As it does not know them, there is no point in transferring money too because you will not get the decryption key. Your money will not be refunded either.

Even though ransomware infections slightly differ, they are all created to enable cyber criminals to obtain money from users. Therefore, you should take measures to prevent those infections from entering the computer. What you can do to protect your PC from harm is to install a security tool. Also, we suggest staying away from spam emails because ransomware infections, e.g. DevNightmare Ransomware, Crypt0 Ransomware, and Locklock Ransomware often enter systems when users open attachments from spam emails. The spam email attachment might be very harmful despite the fact that it looks like a document, so it would be best to ignore the spam mail folder completely in the future. Do not forget to keep your security tool always enabled as well if you do not want to encounter another infection ever again.

You will not gain access to your files, but you need to delete BlackFeather Ransomware as soon as possible. Luckily, this infection does not make many modifications, and it works from the place it is launched, so you just need to find and remove the malicious file of this ransomware infection to erase it fully. If it is the first time you are going to delete ransomware, you should use our manual removal guide (see below) or scan the computer with SpyHunter. It will delete this infection fully for you. Also, it will eliminate all other threats if it finds them installed on your computer.

How to remove BlackFeather Ransomware

  1. Find the malicious file you have opened (it might be hiding on Desktop or in the Downloads folder C:\Users\[Username]\Downloads).
  2. Delete it.
  3. Find and remove the ransom note BLACK_FEATHER.txt from Desktop.
  4. Empty the Recycle bin.
Download Spyware Removal Tool to Remove* BlackFeather Ransomware
  • Quick & tested solution for BlackFeather Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.