ust recently we
reported on various ransomware types that failed in their malicious intentions. Some were cracked by security experts due to poor implementation, while others flopped because the decryption key had been ‘left’ on the victims’ machine, allowing decryption of files without paying the ransom.
But the threat seen by ESET researchers over the few last days falls into an entirely different category. As the detection name suggests,
MSIL/Hoax.FakeFilecoder.A – dubbed also Jigsaw 2.0 – is not a fully-fledged ransomware, but it does try to feed off of ransomware’s current popularity amongst cybercriminals.
“So why is it labeled as hoax?” you might ask. Well, it lacks the main functionality of extortion malware – it can’t encrypt victims’ files, nor can it block access to the device. Mimicking recent failsomware Jigsaw (
free decryptor available online),
MSIL/Hoax.FakeFilecoder.A uses the graphics from the movie Saw, threatening to delete users’ files. As ESET analysis has proven, these claims are false as well.
