
LambdaLocker Ransomware

Posted: January 16, 2017

Threat Metric

Ranking: 9,349
Threat Level: 8/10
Infected PCs: 808
First Seen: January 17, 2017
Last Seen: October 15, 2023
OS(es) Affected: Windows

The LambdaLocker Ransomware is a file-encrypting Trojan that locks your files so that its threat actor can sell you decryption assistance. This form of extortion is preventable by keeping backups that the LambdaLocker Ransomware can't wipe, although free decryption solutions may also be viable. Malware experts recommend anti-malware protection for blocking or removing the LambdaLocker Ransomware to limit its access to your files.

'L' is the New Letter for Greed

January sees new Trojan campaigns with multi-ethnic targeting options, letting con artists increase the geographical scope of their base of victims. The latest evidence of this practice at work in live environments is the LambdaLocker Ransomware. The LambdaLocker Ransomware brands itself after the Greek alphabet but victimizes Chinese and English speakers. The plan of the LambdaLocker Ransomware's threat actor is simply to lock any files with an encryption cipher and then get ransom money from providing the victim with the (supposedly) only decryptor available.

The LambdaLocker Ransomware scans the local drive for content including text documents, spreadsheets, images, movies and music. When it finds a suitable file, it employs an AES encryption routine to 'lock' the content. A second layer, RSA encryption, protects the cipher from being cracked by third-party solutions. Malware experts can verify that the LambdaLocker Ransomware uses a unique tag for its locked content, the '.lambda_l0cked' extension, which no other threat to date uses.

Having blocked your data, the LambdaLocker Ransomware creates HTML messages either in the encrypted directories or on your desktop. As usual, the Chinese and English instructions tell the victim how to pay a Bitcoin fee to reacquire their files. Although the LambdaLocker Ransomware does impose a time limit, the one-month restriction is much more generous than that of most Trojans of the same type, which often prefer deadlines of a matter of days or even hours.

Striking Lambda out of Your Computer's Vocabulary

The LambdaLocker Ransomware offers no shocking swerves in design as a ransom-based Trojan, but it does show off the capacity for con artists to expand their campaigns beyond national borders with as little effort as possible. Infection vectors for this threat that malware experts suggest watching out for include:

  • Con artists may crack password-protected servers directly, particularly for Remote Desktop enabled systems.
  • However, more often, high-value targets compromise themselves by opening e-mail attachments. These Trojan droppers may disguise themselves to look like invoices, internal memos or package delivery notifications.
  • For personal computer users, compromises are most likely to come from exposure to threatening websites hosting Exploit Kits or unsafe downloads that bundle the LambdaLocker Ransomware with themselves.

Keeping regularly updated backups will let you limit the file damage that the LambdaLocker Ransomware's payload can cause. Anti-malware programs can also detect most threats of this category and remove the LambdaLocker Ransomware automatically, when applicable.
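To scope a restore from backup, the '.lambda_l0cked' tag described above can be used to inventory the affected files. The script below is an added example, not code from this page or from any vendor; it assumes the tag is appended to the original file name, and its sample directory tree is constructed for the demonstration.

```python
import os
import tempfile
from collections import Counter

LOCKED_EXT = ".lambda_l0cked"  # extension named on this page


def find_locked_files(root):
    """Walk root and return (locked_path, presumed_original_path) pairs."""
    hits = []
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            # Windows file names are case-insensitive, so compare lowercased.
            if name.lower().endswith(LOCKED_EXT):
                locked = os.path.join(dirpath, name)
                # Assumption: the tag was appended to the original name.
                original = locked[: -len(LOCKED_EXT)]
                hits.append((locked, original))
    return sorted(hits)


def summarize(hits):
    """Count locked files per directory to show where damage is concentrated."""
    return Counter(os.path.dirname(locked) for locked, _ in hits)


def demo():
    """Build a constructed directory tree and run the inventory over it."""
    with tempfile.TemporaryDirectory() as root:
        docs = os.path.join(root, "Documents")
        os.makedirs(docs)
        for name in ("report.docx.lambda_l0cked",
                     "budget.xlsx.LAMBDA_L0CKED",
                     "notes.txt"):  # constructed sample files
            open(os.path.join(docs, name), "wb").close()
        hits = find_locked_files(root)
        restore = [os.path.relpath(orig, root) for _, orig in hits]
        return restore, sum(summarize(hits).values())


if __name__ == "__main__":
    restore_list, total = demo()
    print(f"{total} locked file(s); restore from backup:")
    for path in restore_list:
        print("  ", path)
```

The resulting list of presumed original paths can be compared against a backup catalogue to confirm that every locked file has a recoverable copy.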

No matter where you live, the LambdaLocker Ransomware and Trojans identical to it are problems best prevented with foresight and common sense security protocols.
