Jump to content

Virus ransomware .ferosas

Recommended Posts

Boa tarde, gostaria de falar a respeito do vírus que recentemente vem tirando o sono de varias pessoas, que é o vírus ransomware que usa criptografia para transformar os todos os tipos comuns de arquivos em arquivos .ferosas.

Gostaria de saber, se já estão cientes do vírus e se já está sendo procurada uma solução para isso.

Aparentemente os antivírus não identificam os tipos de arquivos que são danificados como vírus.


Machine translation:

I would like to talk about the virus that has recently been taking the sleep of several people, which is the ransomware virus that uses encryption to turn all common types of files into .file files.

I wonder if they are already aware of the virus and whether a solution is already being sought.

Antivirus software apparently does not identify the types of files that are damaged as viruses.

Edited by Marcos
Machine translation added
Link to comment
Share on other sites

  • Administrators

Since this is an English forum, we kindly ask you to post in English. If you don't speak English well, you can use a machine translator.

As for your question, the files were most likely encrypted by Filecoder.STOP. Decryption for this variant is not currently possible. Do you have a license for an ESET product? If so, which one and what version have you had installed?


Link to comment
Share on other sites

Also a CryptoMix ransomware variant has used the .file extension in encrypting files as noted here: https://www.bleepingcomputer.com/news/security/file-cryptomix-ransomware-variant-released/ . And this article dates to Dec., 2017.

It also may be possible to decrypt the files:


According to the Technical analysis of CryptoMix/CryptFile2 ransomware by CERT Polska Team there is a cryptographic flaw in encryption and they are sometimes able to decrypt CryptoMix only if files were encrypted with a vulnerable version. You can contact CERT Polska at cert@cert.pl for possible assistance.


Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...