There’s a new variant of ransomware crawling around the internet called File Spider. 

If you hate getting caught in spider webs, you’re going to hate getting caught in this File Spider ransomware even more.  

That’s why I’m going to go over what you can do to help prevent you from becoming a victim to this new File Spider ransomware.  

Plus, I’m going to tell you the basics how the File Spider Ransomware works.

But first, the most important preventative measures you can take right now to help prevent becoming any ransomware victim.

file spider ransomware screenshot

File Spider ransomware screenshot

Do not open email attachments if you do not know who sent them.

ALWAYS have a reliable and tested backup of your data that can be restored in the case of an emergency, such as a ransomware attack.

Second, Use these good cyber security habits to help mitigate your chances of being a victim of File Spider ransomware. data backup

How to Prevent File Spider Ransomware 

  • Backup your data. 
  • Do not open attachments if you do not know who sent them.
  • Do not open attachments until you confirm that the person actually sent you them.
  • Disable macros by default.
  • NEVER execute unsigned macros and macros from untrusted sources.
  • Educate employees about the danger of ransomware.
  • Whitelist emails from people you do business with and trust.
  • Make sure all Windows updates are installed as soon as they come out! 
  • Update all programs, especially Java, Flash, and Adobe Reader. 
  • Use STRONG passwords and never reuse the same password at multiple sites.
  • Have Anti-Virus, Ant-Malware, Anti-Spyware installed and updated.
  • Use firewalls and routers –change the default password.


How File Spider Ransomware Works

File Spider is spreading like many other ransomwares starting with an email sent to their potential victims. The email will usually have an enticing subject line that will get opened due to overwhelming curiosity.  

The File Spider subject line has been reported to use this example, “Debt Collection“. 

  1. First the potential victim opens the email.
  2. Secondly, they open the Microsoft Office attachment.
  3. They enable Macros.
  4. This allows PowerShell to start downloading the File Spider ransomware from a host website.
  5. PowerShell script decodes the Base64 string and performs operations to decode the final payloads in an .exe file — which contains the Spider ransomware encryptor. 
  6. PowerShell launches the encryptor, thsus encrypting the victim’s files, adding a ‘.spider’ extension to them and then displaying a ransom note. 
  7. The File Spider ransomware instructs the victim that they need to make a bitcoin payment in exchange for “the right key” in order to decrypt their files. 

The hacker also makes it clear that if the ransom isn’t received within the time limit of 96 hours, their files will be deleted and they shouldn’t “try anything stupid” since they claim their ransomware has “security measures” that will make it impossible for the victim to retrieve their files without paying their ransom. 



Demonstration Video How File Spider Works:

How to Remove File Spider Ransomware Now!

Did you get hit with File Spider Ransomware?

You can remove File Spider Rassomware by using your data backups.

Need help?

Call Hyphenet to help you restore your data using your data backups: (619) 325-0990
Bring us your laptop or computer and we can get started today!

There is also a virus removal step by step process you can now follow in this guide:


“Ransomware isn’t going anywhere. In fact, ransomware attacks have risen 250 percent in 2017, hitting U.S. hardest.”

Source: http://www.newsweek.com/ransomware-attacks-rise-250-2017-us-wannacHow to protect yourself from the File Spider Ransomwarery-614034

Think of cyberattacks in the same way that they would approach a natural disaster — there’s no predicting when it’s going to happen, but have a plan in place in case it does.  





Sign up for our FREE email newsletter
so you don't miss out on any of our great content!

You have Successfully Subscribed!