The STOP/Djvu Ransomware Family Continues to Grow wirh FEFG Ransomware
FEFG Ransomware is another addition to the prolific STOP/Djvu Ransomware family. Like other associated variants, it mostly spreads via unreliable downloads, phishing emails, social engineering scams, and questionable advertising content.
FEFG Ransomware operators are looking to extort victims for a quick payoff by locking their files and then demanding a ransom payment for file decryption. Most file types can be affected by this ransomware encryption, including photos, music, documents, and videos.
Unfortunately, a decryption tool that would unlock files encrypted by FEFG Ransomware is not available at the moment, and the only reliable way to recover infected files is to restore them from a backup. It is also possible to use alternative data recovery options, but there’s no guarantee that alternative data recovery tools will unlock all the encrypted files.
After infiltrating a victim’s computer, FEFG Ransomware appends affected files with the ‘.FEFG’ suffix and drops a ransom note on the user’s desktop in the form of the ‘_readme.txt‘ document. The ransom note, which asks the victim to pay $980 for file decryption, also provides the contact information to communicate and ask hackers any questions. The victims are asked to establish communication via restorealldata@firemail.cc and gorentos@bitmessage.ch emails or their Telegram account: @datarestore.
Victims who respond within 72 hours are offered a 50% discount on the ransom. Additionally, should victims contact the criminals through the emails, they will be told to send one file to the attackers to have it decrypted for free. The hackers do this to prove they can unlock the victim’s files upon paying the ransom. Although cooperating with the cybercriminals behind FEFG Ransomware may feel like the easiest way to solve your issue, you should keep in mind that they will not help you for free, and paying does not guarantee that you get your files back or even receive any decryption tools.
Dealing with the FEFG Ransomware Infection
If you get infected with FEFG Ransomware, you should scan for the related files using a reputable anti-malware tool. Additionally, to mitigate possible damages in a future ransomware attack, you should keep backup copies of your valuable data on an external disk or a cloud drive.