Ransom.BSM

Ransom.BSM is Malwarebytes” detection name for a type of ransomwarethat renames all files in available drives with the .FRSextension. Although it claims that it encrypts files, it really doesn’t; however, it removes permissions set on all files and denies anyone access to them.Below is the English section of the message it shows affected users:

It’s possible that there are various versions of this ransomware in the wild, using different addresses to where affected users can send Bitcoins to.

Malwarebytes protects users from Ransom.BSM by using Anti-Ransomware technology.

How to remove Ransom.BSM with the Malwarebytes Nebula console

You can use the Malwarebytes Anti-Malware Nebula console to scan endpoints.

Nebula endpoint tasks menu

Choose the Scan + Quarantine option. Afterwards you can check the Detections pageto see which threats were found.

On the Quarantine pageyou can see which threats were quarantined and restore them if necessary.

Affected users can use the activation code or key below to “decrypt” their files:

T72KM-WFGWX-FRT9J-4J6C9-7WT2B

Malwarebytes can detect and remove Ransom.BSM without further user interaction.

Take note, however, that removing this ransomware does not decrypt your files.Affected users can use the activation code or key below to “decrypt” your files:

T72KM-WFGWX-FRT9J-4J6C9-7WT2B