
'.lightning File Extension' Ransomware

Posted: November 29, 2018

The '.lightning File Extension' Ransomware is a variant of the Everbe@airmail.cc Ransomware, a group of file-locking Trojans that threat actors modify cosmetically for locking and ransoming your media. Although the '.lightning File Extension' Ransomware differs in the details of its warning message and in how it labels the hostage files, its encryption feature is still secure against a public decryptor. Users should invest in appropriate backup strategies, as well as anti-malware services for detecting and removing the '.lightning File Extension' Ransomware preventatively.

A Sudden Shock of Weather from the Everbe Ransomware

A new member of the Everbe@airmail.cc Ransomware is apparent in the wild, with its earliest infection methods using a compromised Russian website peddling software uninstall utilities. However, users may encounter this new threat, the '.lightning File Extension' Ransomware, in other ways as well, such as via torrents, corrupted Web advertisements, spam e-mails or brute-force attacks against their network admin accounts. The consequence of exposure, for unprotected PCs, is invariably losing access to dozens of formats of media.

The '.lightning File Extension' Ransomware is from the 2.0 build of its family, meaning that its AES-DES and RSA encryption routine for locking media is secure from third parties breaking it. Similarly to the 'yoursalvations@protonmail.ch' Ransomware, the Thunder Ransomware or the Embrace Ransomware, it can use the AES or DES algorithms for locking documents, pictures, and other content, and then RSA for protecting the key that it generates in doing so. The '.lightning' extension it adds, along with a bracketed e-mail address, doesn't remove the rest of the filename's text.

The traditional ransoming messages of the '.lightning File Extension' Ransomware's family use Notepad TXT files. Since paying these ransoms may or may not provoke the threat actor into delivering a decryptor to the victim, malware experts don't recommend doing so, especially for difficult-to-refund currencies like Bitcoin. Unfortunately, free decryption utilities are only available for the earlier versions of the Everbe@airmail.cc Ransomware.

Having the Right Lightning Protection for Your Media

The '.lightning File Extension' Ransomware is most capable of harming users who keep all of their documents, spreadsheets, archives, and other, traditional formats of media all in one place. Saving your work to a cloud server or a removable device will eliminate this file-locking Trojan's bargaining leverage for any ransom. Some users also may be fortunate enough to recover their files from intact Shadow Volume Copies, but one shouldn't assume that this is possible in all attacks from threats of this classification.
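Because the appended extension leaves the original filename intact and backups are the recovery path described above, the renamed files can be inventoried and matched against a backup tree. The following is an added example, not part of the original article: it assumes the appended text has the form `<original name>.[<address>].lightning` (the article does not state the exact order), and the function names and sample address are hypothetical.

```python
import os
import re
import tempfile
from pathlib import Path

# Assumed layout (not confirmed by the article): <original name>.[<address>].lightning
LOCKED = re.compile(
    r"^(?P<original>.+)\.\[(?P<address>[^\[\]\s]+@[^\[\]\s]+)\]\.lightning$",
    re.IGNORECASE,
)

def parse_locked_name(name):
    """Return (original_name, address) for a renamed file, else None."""
    m = LOCKED.match(name)
    return (m.group("original"), m.group("address")) if m else None

def restore_plan(live_root, backup_root):
    """Map each renamed file under live_root to its backup copy, if any."""
    live_root, backup_root = Path(live_root), Path(backup_root)
    plan = {"restorable": [], "no_backup": [], "addresses": set()}
    for folder, _dirs, files in os.walk(live_root):
        for name in files:
            parsed = parse_locked_name(name)
            if parsed is None:
                continue  # file was not renamed
            original, address = parsed
            rel = (Path(folder) / original).relative_to(live_root)
            plan["addresses"].add(address)
            key = "restorable" if (backup_root / rel).is_file() else "no_backup"
            plan[key].append(rel.as_posix())
    plan["restorable"].sort()
    plan["no_backup"].sort()
    return plan

def demo():
    """Build a constructed sample tree and return its restore plan."""
    with tempfile.TemporaryDirectory() as tmp:
        live, backup = Path(tmp, "live"), Path(tmp, "backup")
        (live / "docs").mkdir(parents=True)
        (backup / "docs").mkdir(parents=True)
        # Constructed file names; the address is a placeholder.
        for rel in ("docs/report.docx.[contact@example.invalid].lightning",
                    "docs/budget.xlsx.[contact@example.invalid].lightning",
                    "docs/notes.txt"):
            (live / rel).write_bytes(b"")
        (backup / "docs" / "report.docx").write_bytes(b"backup copy")
        return restore_plan(live, backup)

if __name__ == "__main__":
    print(demo())
```

The `no_backup` list is the set of files whose only surviving copy is the locked one, which is the figure that matters when judging how much the backup strategy actually covered.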

The fact that the '.lightning File Extension' Ransomware uses a Russian software site in its campaign doesn't mean that only Russian PC users are in danger. The '.lightning File Extension' Ransomware's family is compatible with most Windows versions and may use installation exploits that don't require visiting the site in question deliberately. However, a robust anti-malware service should eliminate the '.lightning File Extension' Ransomware immediately and before its file-locking routine begins.

The '.lightning File Extension' Ransomware is a shallow update for the Everbe Ransomware, but its authors needn't change a proven crime strategy too much. Windows users with any media worth anything should do the same, and take advantage of traditional and well-known solutions for keeping their files from being endangered.
