FairWare Ransomware virus removal. Who said there is no ransomware for linux? Remove ransomware linux.

FairWare Ransomware seems to be the next tricky way to earn money by stealing or locking files. This time FairWare is targeting Linux OS users. The common way of ransomware is behaviour is well know, however FairWare ransom brings new way, which instead of encrypting files it is hacking a Linux server and delete the web folder. To give the files back cybercriminals demand a ransom payment of two bitcoins, approximately $1100. The difference between Windows and Linux ransomware is that Linux actually retain files somewhere under their control without any encryption.FairWare RansomwareThe common ranom background lock screen, which informs victims will be substituted. Victims of FairWare ransom reports that they first discovered of the attack when their web sites were down. After trying to logged into Linux servers, victims find out that web site folder missing and found note called READ_ME.txt into /root/ folder. When victims open the note found a link on pastebin with a further info.

READ_ME.txt contains the following text:

Hi, please view here: 
http://pastebin.com/raw/jtSjmJzS for information on how to obtain your files!

FairWare ransomware developers demand two bitcoins to address 1DggzWksE2Y6DUX5GcNvHHCCDUGPde8WNL and paid within two weeks in order to get their files back. Victims can also contact cyber criminals via email “[email protected]” for more information, help or questions.

FairWare ransomware note contains the following text:

YOUR SERVER HAS BEEN INFECTED BY FAIRWARE | YOUR SERVER HAS BEEN INFECTED BY FAIRWARE
Hi,
Your server has been infected by a ransomware variant called FAIRWARE.
You must send 2 BTC to: 1DggzWksE2Y6DUX5GcNvHHCCDUGPde8WNL within 2 weeks from now to retrieve your files and prevent them from being leaked!
We are the only ones in the world that can provide your files for you!
When your server was hacked, the files were encrypted and sent to a server we control!
You can e-mail [email protected] for support, but please no stupid questions or time
wasting! Only e-mail if you are prepared to pay or have sent payment! Questions such as:
“can i see files first?” will be ignored.
We are business people and treat customers well if you follow what we ask.
FBI ADVISE FOR YOU TO PAY: https://www.tripwire.com/state-of-security/latest-security-news/ransomware-victims-should-just-pay-the-ransom-says-the-fbi/
HOW TO PAY:
You can purchase BITCOINS from many exchanges such as:
http://okcoin.com
http://coinbase.com
http://localbitcoins.com
http://kraken.com
When you have sent payment, please send e-mail to [email protected] with:
1) SERVER IP ADDRESS
2) BTC TRANSACTION ID
and we will then give you access to files, you can delete files from us when done
Goodbye!

This linux ransomware performs actual stealing, instead of leaving locked files to victims, which leave no choice but to pay. Paying is not recommended, however may be necessary. Be aware and proceed with distrust. It is currently unknown how all this work and how files can be restored for free if posible.

How to protect against linux ransomware is most frequently asked questions in the past year. Since ransomware has become the biggest threat among all viruses, people ask themselves if there’s a way to protect from such. It is already too late if you once suffered ransom attack and file has been locked. For some there is a solution but for others disappointment. Either way popularity of ransomware rises and new development are presented every day.

What can we do against the battle with ransomware linux?

  • If you are already infected do not pay the ransom! Remove the virus and look for other solutions rather than paying. Paying the ransom may be your only option if you have really valuable data. However we do not recommend doing this because you will support the work of criminals. The risk of losing money and still stuck with encrypted files since there is no guarantee in any way that you will recover what one is lost.
  • Security researcher are always working on recovery solutions. Not all ransomware are professionally developed and being cracked, but some are so good developed that there is no current way to be beaten at the current date. One of the solutions is system restore.
  • Best solution is if you have a backup, wipe your hard drive and perform system restore. If not, backup your data frequently. Store backup data in any removable storage device or use any online backup services.
  • Protect your computer with antivirus, internet security, anti-malware software or new developed applications like anti-ransomware. Highly recommended is to keep it up to date and use the paid surveys. We do not recommend free applications.

Manual steps to remove ransomware or malware. How to prevent ransomware or malware.

For now, removing ransomware or malware manually will only be able for IT specialists. If you don't know one don't worry. We have a solution for you. Over here we will use Spyhunter to remove the virus. The Spyhunter anti-malware is a collection of programs that can be used to scan for malware and clean infected computers. You can also use full anti-malware program in this case which is the better option because it also offers protection.

How to remove "ransomware or malware"

NOTE: In this option the virus will be removed but the files will remain locked! You have to decrypt your files.
  1. Download Spyhunter anti-malware.
  1. 2.  After program has been downloaded, double-click to open it. User will have to install the program. Click on Spyhunter.exe to start the process.
User Account Control dialog may appear, asking you to allow the following program to make changes to this computer. Click "Yes" or "Run" to proceed with the installation. User can also choose variety of languages. Click Ok and the installation will begin with a welcome massage for Spyhunter. Click Next to continue to the next step. User will also have to accept Spyhunter license agreement by clicking on "I accept the agreement" and click Next. Spyhunter will ask user to read important information provided before continuing. Once done click on next to go to the next step. User can choose where to install the program. By default - C:Program FilesEnigma Software GroupSpyHunter. The process will continue and then Spyhunter will install. The installation process may take awhile, depending on a computer system performance. Once the installation is done, click Finish.
  1. 3. Update the software before scanning. Once program has been updated go to scan. You can choose from a free trial version or activate license. It is recommended to buy full version as the trial will not protect computer system.
  1. 4. The scan process will begin. The scan process may take awhile, depending on a computer system performance.
  1. 5. Once the scan is complete you can choose between delete or quarantine the viruses. The quarantine option is recommended and since the malware is active a reboot will be required to finish process.

Click here for guide of how to uninstall spyhunter.

Decrypt ransomware files.

Good news is that we can now use decryption programs. A lot of security companies like Kasperky lab, bitdefender and more has developed a program that is fully capable of decryption key for ransomware malware. You can find this programs anywhere on the internet but it is strongly suggested to download this programs from official websites. NOTE: It may take a long time for your files to be decrypted depending on your PC performance.