Black Feather is a new ransomware virus. It encrypts the files of infected users with a complex algorithm. Most ransomware viruses offer decryption of locked files. The crooks behind Black Feather, however, decided that’s too much of a hassle. They will NOT decrypt your files after you pay them the 0.3 BTC (around $180) fee.
Black Feather Ransomware Virus – More Details
Most cybersecurity experts would advise against paying virus ransoms. In the case of Black Feather, it is pointless to pay, as the developers of the ransomware don’t even keep the keys. Locked files will remain locked, no matter how much money you throw at Black Feather. The ransomware is based on the popular open-source HiddenTear code.
The virus distributes itself with the help of an infected PDF file. Once it’s opened, the file will display this message:
There was an error opening this document. The file is damaged and could not be repaired
The virus will then start encrypting the files of the victim’s PC.
Black Feather Ransomware Virus – Encryption Process
Black Feather, like most ransomware viruses, targets specific file types. It goes after files that are important to users, which increases the chance they’ll pay. Encrypted files get the “.blackfeather” file extension appended to the end of their name.
The ransomware is likely to target the following file types:
- Project files
The ransomware virus is going to drop the following ransom note on the infected PC:
Welcome to Black Feather.
Thank you for downloading our software.
All of your files have been encrypted with a secure 256-bit HASH.
This means you can no longer access your files without the decryption key.
You can decrypt your files by paying us 0.3 BTC; this will remove the encryption
and give you full access to your files again.
It doesn’t matter what the ransom note says. The crooks have no interest in helping any of their victims, even if they pay.
Black Feather Ransomware Virus – Conclusion
If you have the .blackfeather ransomware virus on your computer, you should remove it with a special anti-malware tool and wait for a reliable decryption method to be created. You should also back up all the encrypted files before you tamper with any of them. This article will be updated as soon as any solutions are available, so stay tuned.
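The backup step recommended above can be scripted so that every locked file is copied and checked before any cleanup or recovery attempt. This is an added example, not part of the original article or of any vendor tool; the function names, the `manifest.sha256` file name and the sample files are assumptions constructed for illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

EXTENSION = ".blackfeather"  # extension named in the article


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large files do not fill memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def backup_encrypted(source_root: Path, backup_root: Path) -> dict:
    """Copy *.blackfeather files to backup_root; return {relative path: sha256}."""
    source_root, backup_root = source_root.resolve(), backup_root.resolve()
    backup_root.mkdir(parents=True, exist_ok=True)
    manifest = {}
    for path in sorted(source_root.rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue
        if path.suffix.lower() != EXTENSION or backup_root in path.parents:
            continue  # not a locked file, or already inside the backup
        relative = path.relative_to(source_root)
        target = backup_root / relative
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(path, target)  # originals are only read; copy2 keeps timestamps
        original_hash = sha256_of(path)
        if sha256_of(target) != original_hash:
            raise OSError(f"copy of {relative} does not match the original")
        manifest[relative.as_posix()] = original_hash
    lines = (f"{digest}  {name}\n" for name, digest in manifest.items())
    (backup_root / "manifest.sha256").write_text("".join(lines), encoding="utf-8")
    return manifest


def demo() -> dict:
    """Run against constructed sample files in a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "Documents"
        (root / "work").mkdir(parents=True)
        (root / "work" / "plan.docx.blackfeather").write_bytes(b"constructed-1")
        (root / "photo.JPG.BLACKFEATHER").write_bytes(b"constructed-2")
        (root / "notes.txt").write_bytes(b"not encrypted")
        return backup_encrypted(root, Path(tmp) / "backup")
```

Point `backup_root` at external or offline storage rather than the infected disk, and keep the manifest with the copies so their integrity can be rechecked later.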