M4N1F3STO targets Windows OS and its distribution method is currently unknown. The initial version was merely a screenlocker that contained the unlock code within its executable file and could be removed by entering Safe Mode with Networking and running antivirus software. However, the developers added an encryption component in the second version and it pretends to be a Windows Update sent by “Jhon Woddy” from Microsoft. Fortunately, for victims, M4N1F3STO is a poorly designed ransomware variant and it can be decrypted for free.

  • Bleeping Computer provides more information on M4N1F3STO here.
  • Security researcher Michael Gillespie can decrypt M4N1F3STO. He can be contacted for assistance through his Twitter account here.