November 08, 2016
Fuck Society ransomware isn’t the first cryptovirus with that theme. This one however claims to use RSA with 4096 bits for the encryption process. All encrypted files will have the extension .dll. That is troubling, because if you tamper with all files which have that extension on a massive scale, you might break your operating system. To see how to remove the ransomware and how you can try to restore your files, read the article carefully.
Fuck Society Ransomware – Spread
The Fuck Society ransomware virus might infiltrate your PC system by using various methods. The payload file might be spread with spam e-mails. Such e-mails are written in a way to make you think that they are of high importance, including the files attached to them. If you don’t do the necessary checks and rush into opening the attachment that will release the malicious payload. That means that your computer machine will get infected.
Fuck Society ransomware could infect your computer with other, alternative methods. For instance, the creators of this cryptovirus could spread their malware with the help of payload files pretending to be useful programs across the Internet. Social media networks and file-sharing services are mostly the platforms used for that purpose. Do not open files, from suspicious sources, especially if they come from such e-mails and links. Always perform a scan with a security program and check the file’s size and signature first. You should read the ransomware prevention tips from the thread inside the forum.
Fuck Society Ransomware – Information
A ransomware cryptovirus that calls itself Fuck Society has been found in the wild. The ransom note starts with an obscene gesture and seems to be a reference to Mr. Robot and fsociety. The virus does seem to share a common theme with the Fs0ci3ty virus and the Fsociety ransomware. Besides the theme and the fact that all three are ransomware cryptoviruses, they seem unrelated and from different authors.
When your files get encrypted, they will have the extension .dll appended to all of them. That stands for Dynamic-link Library File and some critically important files responsible for the launching and running the Windows operating system have that extension. This means that you have to be careful if you try to recover your encrypted files.
When the Fuck Society ransomware unleashes its payload, it could create entries inside the Windows Registry. That is done for making the ransomware achieve a bigger level of persistence. Those registry entries can make the virus launch automatically with each boot of the Windows operating system. Your files will then become encrypted, and afterward, the ransom note will display on your desktop screen.
This is how the beginning of the ransom note looks like:
The full ransom note is included in a document named DECRYPT_YOUR_FILES.html and reads the following:
You are given a deadline of five days, and you are threatened with the deletion of your files if you do not meet that deadline. From visiting the given website address, you can see the Bitcoin address and that you are asked to pay 2 Bitcoins. The ransomware threatens to delete files. You should NOT even be thinking of contacting the cybercriminals or funding their criminal acts. Nobody can guarantee that all of your files will return to normal if you pay up. Furthermore, the criminals will probably just make more ransomware viruses.
You can view the Bitcoin address from the below screenshot:
The Fuck Society ransomware uses the RSA algorithm with 4096 bits for encryption. A list of file extensions which the ransomware seeks to encrypt is not yet available, but the file types are very probable to be documents, photos, and files that the majority of people use.
The Fuck Society cryptovirus is very possible to erase the Shadow Volume Copies from the Windows operating system by using the following command:
Read more to see the different methods you could try out to restore at least some of your data.
Remove Fuck Society and Restore .dll Files
If your computer got infected with the Fuck Society ransomware virus, you should have some experience in removing malware. You should get rid of this ransomware as fast as possible before it can have the chance to spread further and infect more computers. You should remove the ransomware and follow the step-by-step instructions guide given below. To see ways that you can try to recover your data, see the step titled 2. Restore files encrypted by Fuck Society.
Manually delete Fuck Society from your computer
News Courtesy : http://sensorstechforum.com/fuck-society-ransomware-remove-restore-dll-files/