FriedEx virus is a dangerous ransomware aimed at extorting cryptocurrency. It comes from the Dridex family of trojans, which have been attacking various companies all around the world for years now.
FriedEx is not that different from other trojans from the Dridex family, and its primary targets remain companies and organisations. It is believed that they are targeted specifically because more money can be extracted from them than from individual computer users.
From a technical standpoint it is almost identical to the BitPaymer virus, so this information is also relevant if you are seeking advice regarding BitPaymer. Razy Ransomware is another ransomware virus that is associated with FriedEx one way or another. “Bit Paymer” ransomware was discovered by cyber security researcher Michael Gillespie back in July of 2017, yet it is not known how long the FriedEx virus has been around.
BitPaymer made a huge splash when it successfully infected NHS hospitals in the summer of 2017, paralysing the hospital network and demanding a ransom in return.
It is not known how the FriedEx virus is spread; however, examples of the BitPaymer virus show that the cyber criminals behind this infection might spread it via RDP (Remote Desktop Protocol) brute force attacks.
Even though FriedEx is targeted at organisations and companies, there are recorded cases where it infected regular users, so anyone can become a victim of this trojan. In that case, FriedEx will scan your computer to identify files that can be encrypted and then apply a randomly generated RC4 key to every single one of them. Following that, it will encrypt the key itself using a 1024-bit RSA public key.
Just like other trojans from Dridex seen in the past, FriedEx tries to keep a low profile and hide the activities it performs on infected systems. That makes it extremely hard to tell what exactly is happening. However, it doesn’t take much knowledge to tell whether your computer is infected or not: just navigate to the /Win folder and look for the file called “Filecoder.FriedEx”.
Just like BitPaymer ransomware, FriedEx uses the “.locked” extension on locked files. It is not yet known how much you will be asked to pay in the case of infection by FriedEx, but the ransom should be enormous, as BitPaymer used to ask for 50 Bitcoin.
Moreover, FriedEx not only denies you access to your files, but also threatens that if you fail to pay the ransom, your private files will be published online. That’s extremely dangerous for companies that hold personal information of their clients.
No way back with FriedEx
Probably the worst news is that once your files are locked by FriedEx, there might be no way back: there is no decryptor available, and even if you can afford to pay the ransom, it might not be worth it, since the people behind this malware can scam you.
There is some hope left for those who have a valid copy of the hard drive that was made before FriedEx infected the computer. In this case, a system restore can be performed. Also, if your files are not encrypted yet but files of the virus are already loaded on your computer, or you suspect that this is happening, do yourself a favour and scan your computer with an anti-malware application. We suggest using Spyhunter, as both of those applications can deal effectively with various computer viruses.