A New Jig
A new ransomware that is extremely ruthless is on the rounds. The ransomware locks you out of your computer and locks your files away, and then starts deleting them if the ransom is not paid on time.
The ransomware called Jigsaw, starts to delete files an hour after they have been affected, and there is no sign of ransomware being paid. The Bitcoin ransom that is demanded is equivalent to $150. The Jigsaw ransomware initially deletes one file to show its severity, but as time goes on, it starts deleting multiple files after every hour. Turning off the computer is nothing but a big mistake because once the computer turns on again, 1,000 files are permanently deleted. Jigsaw eventually removes all the remaining files if after 72 hours no ransom is paid.
“Try anything funny and the computer has several safety measures to delete your files,” reads Jigsaw’s ransom note, alongside a pic of the Jigsaw’s killer’s mask.
Jigsaw is one malware that has gone on to delete the files as it has threatened. Other malware like Chimera, threaten to post data on the Internet, but security researchers have found it to be an idle threat. The Chimera malware does not have the ability to do this, but the Jigsaw malware does and does it efficiently and quickly.
But There’s Hope
Fortunately, security researchers have come up with a way to counter the Jigsaw ransomware without having to pay anything for your files.
Lawrence Abrams, Bleeping Computer, explained that the first entails you opening the Windows Task Manager terminal and kill all processes named firefox.exe or drpbx.exe. These files were created by Jigsaw. Users then need to launch Windows MsConfig and disable the entry which leads to %UserProfile%\AppData\Roaming\Frfx\firefox.exe. This stops the data deleting process and also prevents the ransomware from restarting again once the computer reboots.
Once you are done with that, you can download BleepingComputer’s free Jigsaw Decrypter utility to decrypt the files. A full scan is needed after, using an anti-malware program to remove any remaining pieces and traces of the malware.
Abrams, however, thinks although there is a solution to the ransomware now, Jigsaw creators will go on ahead and try to find another way to make the malware potent again.