Foxy ransomware is a file-encrypting virus that is based on the source code of an infamous Hidden Tear ransomware. Just like any other crypto virus, this one is designed to encrypt the files on the victimized computer, lock its screen and demand a ransom for a decryption tool. After the malware finishes its job, it appends a .nightmare file extension to the corrupted files.
The Foxy file encoder Trojan is designed to apply a modified AES-256 cipher to the targeted data, which includes audio, video, images, text, databases and eBooks. The Foxy Ransomware is reported to run as ‘WindowsSoundDriver.exe’ and ‘Foxy – Rnsmwre.exe’ on compromised devices. Computer security experts note that the threat is designed to send the decryption key to its masters and delete the local Shadow Volume snapshots created by Windows, limiting the user’s recovery options effectively.
Cybersecurity experts say that ransomware is distributed via fake Windows Audio Driver , Spam emails attachments, corrupt or malicious scripts, embed doc files etc.
The Foxy Ransomware is classified as a mid-tier crypto-threat that should be removed using a reliable anti-malware such as Max Total Security. You can rebuild lost data by loading backups and copies from a cloud storage service (Dropbox, Google Drive, OneDrive, etc.) or Max Total Security Data back up.