A new ransomware called File Spider is being distributed through spam. These spams contain malicious Word documents that download and install the File Spider ransomware onto a victim’s computer.
The File Spider Ransomware, an original file encoder Trojan, is connected to the spiderwjzbmsmu7y[.]onion domain on the Tor Network. This is a generic crypto-threat equipped with custom AES and RSA ciphers. The threat targets the data generated by photos, videos, music, personal documents or eBook collections. Cybersecurity experts warn that File Spider Ransomware is spread through a PowerShell script found in spams in disguise of fake purchase notifications. This intrusive program also drops a rescue note with the names of folders along with hostage data. It is named as HOW TO DECRYPT FILES.html.
File Spider Ransomware is being actively detected by eScan.
File Name: enc.exe
File Name: dec.exe