GIOTINE FIDY Ransomware

GIOTINE FIDY Ransomware, also called Giyotin Ransomware by specialists, is a Turkish ransomware infection that has fallen into our malware researchers’ lap quite recently. According to researchers, it is very likely that this infection is still in development because it does not perform any activities typical crypto-threats do on affected computers. In other words, it does not lock users’ files or system utilities. It does not even drop a ransom note. Instead, it opens a window that covers the screen completely. It contains a red skull and a message in Turkish, which suggests that it has been developed by malicious software developers living in Turkey and it targets Turkish-speaking users primarily. As mentioned, the ransomware infection does not encrypt any personal files yet, so it is very likely that none files have been locked on your system too. Close the window and check them yourself. In any event, you should not send money to cyber criminals behind the ransomware infection. You should delete GIOTINE FIDY Ransomware completely instead. If you have encountered a new version of GIOTINE FIDY Ransomware that has locked files on your computer, you should not pay a cent to crooks in this case either. Remember, cyber criminals cannot be trusted – they might not give you the promised decryption tool even if you do as instructed and send money to them.

Unlike a bunch of ransomware infections analyzed by researchers working at pcthreat.com, GIOTINE FIDY Ransomware does not lock any files on affected computers. Once executed, it places a window with a message for users on their Desktops. It does not allow them to access files and programs, but, luckily, it can be easily closed by the user himself/herself. You just need to tap Alt+F4 on your keyboard once. The opened window contains a message that, first of all, informs users that their PCs together with all the most important files have been locked. If you read it, you will also find out what you can do about that. You will be told that everything will get back to normal only if you create a Bitcoin account and wallet, send 60 USD in Bitcoin to the address provided below and then write an email to the provided email address: anony46NcRyptr708onion@protonmail.ch. Users are given only 12 hours to do that, but it is pointless to hurry, we can assure you that. Most likely, your files have not been encrypted by GIOTINE FIDY Ransomware, as we have already mentioned several times throughout this report. As a consequence, there is no point in sending money to cyber criminals too. You should simply close the window opened and delete the ransomware infection from your system. It does not have a point of execution, but it might start working again if you open its malicious file.

GIOTINE FIDY Ransomware is not one of those popular threats. We suspect that it has infiltrated only several computers so far because it is still in the development phase. Theoretically, it might become more prevalent in the near future, but it is really hard to say whether this will really happen. What we know for sure is that you should stop opening attachments from spam emails because these emails are often used to promote malicious applications. You should not use any RDP connections with weak credentials either because they might get hacked in no time. Last but not least, we highly recommend that you keep a trustworthy antimalware tool installed on your computer so that no threats could ever infiltrate your computer without your permission again.

Even if you have found out that GIOTINE FIDY Ransomware has not locked any files on your computer, it does not mean that you can keep the ransomware infection active on your system. You can delete it either manually or automatically. There is probably no need to say that ransomware infections are known to be serious malware. Luckily, GIOTINE FIDY Ransomware can be erased from the system manually quite easily even though it is considered a serious computer threat. You just need to close the opened window first and then delete all suspicious files downloaded recently. It is a must to do that in order to delete the file that launches the ransomware infection from the system.

Delete GIOTINE FIDY Ransomware manually

1. Tap Alt+F4 on your keyboard to close the ransomware window.
2. Open the Downloads folder (%USERPROFILE%\Downloads).
3. Delete all suspicious files downloaded recently.
4. Remove suspicious files from your Desktop (%USERPROFILE%\Desktop).
5. Empty Recycle Bin.