One of the latest ransomware samples is curable without the necessity of sending transactions of BTC to creators of this virus. IT specialists have diagnosed an appropriate recovery treatment for users that have fallen into despair due to dastardly M4N1F3STO virus. Ideas about to which category this infection belongs to fluctuate from referring to it as a ransomware or identifying it more generally, as a Trojan. We completely understand why this infection might not be freely assigned to the ransomware clan, but we have to admit that there are some instrumental similarities between the group and M4N1F3STO. It does lock your screen and demand a fee. However, the ransom is not demanded for a decryption code/software. M4N1F3STO simply threatens to gradually delete more and more files. The longer victims procrastinate, more data is going to be permanently destroyed. To finish this introductory paragraph, we should mention that the creators of this sample might have watched too much Saw, as they feel extremely eager to “play a game”.
What is manifest M4N1F3STO virus about?
Challenges that M4N1F3STO virus wants you to deal with are completely deceptive. Since this variant does not bother with the encryption of your data or select complicated ciphers for this job, its way of proceeding is less sophisticated. Remember those threats about gradually deleting your files? Security researchers chuckle, as M4N1F3STO virus throws these frightening declarations without feeling obligated to actually implement them. Why bother, if it is enough to convince people that a harmful process is in progress? When a naive victim starts to fear for the safety of his/hers files, then it is much more easy to persuade them to purchase Bitcoins and send them to hackers.
Long story short, the main objective for this virus is to infiltrate into devices and modify Windows Registry Keys by adding additional entries in. Then, M4N1F3STO virus will display a frightening lock screen which will mock victims with inappropriate language and rude attitude. All of the statements in the message are lies as neither encryption, nor deletion of your files occurs. Even though, some desperate victims are going to send 0.3 BTC (according to the latest rates: 233.84 US dollars), the received code is going to trigger an additional window, mocking users for their simplicity. As it turns out, there is no actual reason to send BTC to the hackers. The code to escape the lock screen is also quite disturbing: you can find it in the image below.
How to escape the lock screen and secure your files from M4N1F3STO virus?
We are going to keep this paragraph short. In the section above, we already explained that it is enough to enter the code and the lock screen will close. If for some reason the screen remains, you can explore an alternative method. You should reboot your device in a Safe Mode with Networking and run a scan with an anti-malware tool of your selection. Spyhunter or Malwarebytes is one of the possible candidates for this task. If you already have a reliable program, it will surely detect some infections and offer the option of removal.
Distribution methods for M4N1F3STO virus: what are they?
IT specialists are debating how people can receive this Trojan-slash-ransomware. It is possible that the payload is hiding in email letters. That is why you should never freely download attachments from your inboxes without making sure that the sender is trustworthy. In many cases, infectious letters claim to be from authorities that demand you to address some issues regarding your taxes, account info, flight tickets or etc. In reality, these emails are fake and the indicated issues are not even relevant to you. Sometimes, even by opening a malicious email, you might become infected. For this reason, you should always be prepared to delete suspicious emails from your account.
Update of the 19th of December, 2016. A new version of M4N1F3STO screen locker has been detected. This new variant of the virus does actually encrypt data. The decryptor has been created by Michael Gillespie, who can be found on Twitter.
As it is seen from the latter screen, the updated version of M4N1F3STO trojan pretends to be a Windows update, about which the user is informed by the so-called Microsoft technician Jhon Woddy.
Automatic Malware removal tools
(Win)
Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions,
(Mac)
Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy ,