AnteFrigus Ransomware

What is AnteFrigus Ransomware?

When you do not take care of your operating system, you open a door for malware, and one of the infections that could use it is the AnteFrigus Ransomware. This infection might use remote access vulnerabilities, spam emails with malicious attachments, and clandestine bundled downloaders to enter the operating system, and if there is no reliable security software to stop the execution of this threat, your personal files are put at risk instantly. This malware encrypts files and, as the name suggests, it demands a ransom payment afterward. This payment, allegedly, would be exchanged for a decryptor, but can you trust cybercriminals? Of course, you cannot trust them, and that is why our research team does NOT recommend making any payments. In fact, we do not recommend interacting with cybercriminals and their malware at all. Instead, you should focus on deleting AnteFrigus Ransomware.

How does AnteFrigus Ransomware work?

AnteFrigus Ransomware does not encrypt system files. There would be no point in doing that. If that happened, you would be able to reinstall Windows and all lost applications. Of course, your personal files would be lost, but they appear to be lost anyway. The threat encrypts personal files, which includes documents and photos, and once that is done, you should find the “.{6 random letters}” extension attached to their names. You do not need to remove this extension. After encryption, AnteFrigus Ransomware also shows an “Attention!!!” warning that informs you about the encryption and points to a file on the Desktop. This file carries the same random extension string in its name – “{6 random letters}-readme.txt.” You can delete this file right away – and that is what you will need to do in the end – but it is safe for you to open it now. Obviously, we can tell you right away that the instructions included in the message inside should not be taken seriously. Of course, the choice is yours, and if you want to obey cybercriminals, you are free to do so, but please be aware of all the risks involved.
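The two naming patterns described above can be used to inventory affected files before you restore from backups. The following Python script is an added example, not part of the original analysis: it reads the six-letter string from any “{6 random letters}-readme.txt” note on the Desktop and lists files carrying the same string as their extension. It assumes the letters are ASCII and matches them case-insensitively; the function names and sample files are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Assumption: the "6 random letters" are ASCII letters; the page does not state their case.
NOTE_RE = re.compile(r"^([A-Za-z]{6})-readme\.txt$")

def find_note_tokens(desktop):
    """Return the 6-letter strings taken from ransom-note names found in `desktop`."""
    tokens = set()
    for entry in Path(desktop).iterdir():
        m = NOTE_RE.match(entry.name)
        if entry.is_file() and m:
            tokens.add(m.group(1).lower())
    return tokens

def find_encrypted_files(root, tokens):
    """List files under `root` whose final extension equals one of the note strings."""
    hits = []
    for path in Path(root).rglob("*"):
        try:
            if path.is_file() and path.suffix[1:].lower() in tokens:
                hits.append(path)
        except OSError:
            continue  # unreadable entry: skip it rather than abort the inventory
    return sorted(hits)

def triage(desktop, root):
    """Map each note string to the files carrying it; an empty dict means no note was found."""
    tokens = find_note_tokens(desktop)
    files = find_encrypted_files(root, tokens) if tokens else []
    return {t: [f for f in files if f.suffix[1:].lower() == t] for t in tokens}

def demo():
    """Run the triage over a constructed directory tree (sample data, not real artefacts)."""
    with tempfile.TemporaryDirectory() as tmp:
        desktop = Path(tmp) / "Desktop"
        docs = Path(tmp) / "Documents"
        desktop.mkdir()
        docs.mkdir()
        (desktop / "qwerty-readme.txt").write_text("constructed note")
        (desktop / "project-readme.txt").write_text("seven letters, must not match")
        (docs / "report.docx.qwerty").write_text("x")
        (docs / "photo.jpg.QWERTY").write_text("x")
        (docs / "notes.txt").write_text("x")
        result = triage(desktop, tmp)
        return {t: [f.name for f in fs] for t, fs in result.items()}

if __name__ == "__main__":
    print(demo())
```

Because the extension is only searched for after a matching note has been found, ordinary files that happen to have a six-letter extension are not reported on a clean system.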

The ransom note delivered by AnteFrigus Ransomware suggests that you need to visit a special website set up by the attackers. To visit it, you need to download the Tor Browser, and if you cannot do that, the attackers suggest using a virtual private network (VPN). An email address is added, and you are supposed to use it in case you face any obstacles. The ransom note alludes to a ransom payment and suggests that it would have to be paid in Bitcoin. When you visit the .onion website that you are supposed to reach via the Tor Browser, you are informed that you need to pay $1,995 ($3,990 after four days) “to recover your files.” At the time of research, the money had to be transferred to the 12VXBL2CdMyEYEijon4h4LHgo9NtttGuTH Bitcoin wallet. When we analyzed AnteFrigus Ransomware, only one transaction had been made to this wallet, and the total was 0.00114124 BTC, or ~$8. Even if the ransom was smaller, we would not recommend paying it because the chances of you getting your files restored just because you give cybercriminals what they want are slim to none.

How to delete AnteFrigus Ransomware

The launcher of AnteFrigus Ransomware is likely to have a random name, and the location of this file depends on how it was dropped onto your computer. Of course, we do not know whether or not you will be able to find and delete this file, which is why we do not consider the manual removal option as the favorable one. Our researchers recommend installing anti-malware software. If it is legitimate and up-to-date, it will have no trouble detecting and removing AnteFrigus Ransomware from your operating system. This software will also ensure that Windows is protected, which is the first step towards ensuring that malware cannot slither in. The second step is to exercise caution. Remember that if you download from unreliable websites, open strange emails, and skip updates, you are more likely to face threats. Finally, you want to prepare for the worst. Due to this, we strongly recommend setting up cloud storage or an external drive to create backups for all important files. If you have backups now, you can replace the encrypted files.

Removal Instructions

  1. Move to the Desktop.
  2. Right-click and Delete the ransom note file, {6 random letters}-readme.txt.
  3. If you can locate the launcher of the infection, right-click and Delete it. A few potential locations:
    • %TEMP%
    • %USERPROFILE%\Desktop
    • %USERPROFILE%\Downloads
  4. Empty Recycle Bin.
  5. Perform a full system scan to check for leftovers. Employ a reliable malware scanner for that.
