A dangerous ransomware virus was encountered by malware researchers last week, dubbed FenixLocker and using the [email protected]!! file extension which it adds to files encrypted with AES encryption algorithm. Not only this, but the virus is also reported to leave behind ransom notes, named Cryptolocker.txt and Help to decrypt.txt. These notes ask users to contact the cyber-criminals behind this virus after which they ask the infected users to pay the sum of 500$ along with detailed instructions. Thankfully, malware researchers at EmsiSoft have released a free decrypter for FenixLocker, and we have created instructions on how to use it and successfully restore your encrypted files.
FenixLocker – More Information
FenixLocker is an interesting piece of malware. Unlike most @india.com ransomware variants, this particular ransomware uses the words “FenixIloveyou!!” in it’s source code, suggesting it is a unique variant.
Besides this, FenixLocker may also use an AES-128 encryption algorithm to render the files unusable. After encryption it adds the following ransom note:
After contacting the e-mail, the victims receive the following ransom instructions:
A researcher from EmsiSoft, Fabian Wosar has released a decrypter for this virus, and we have provided relevant instructions to help you decrypt your files for free instead of having to pay 500$ or more. Simply follow the instructions below to first remove FenixLocker and then decrypt your files.
FenixLocker – Removal
Before begging to decrypt your files, it is important to first remove FenixLocker from your computer. To do this effectively, we advise following the below-mentioned removal instructions: