'.lightning File Extension' Ransomware

'.lightning File Extension' Ransomware Description

The '.lightning File Extension' Ransomware is a variant of the Everbe@airmail.cc Ransomware, a group of file-locking Trojans that threat actors modify cosmetically for locking and ransoming your media. Although the '.lightning File Extension' Ransomware uses different details regarding its warning message and its labeling the hostage files, its encryption feature is still secure against a public decryptor. Users should invest in appropriate backup strategies, as well as anti-malware services for detecting and removing the '.lightning File Extension' Ransomware preventatively.

A Sudden Shock of Weather from the Everbe Ransomware

A new member of the Everbe@airmail.cc Ransomware is apparent in the wild, with its earliest infection methods using a compromised Russian website peddling software uninstall utilities. However, users may encounter this new threat, the '.lightning File Extension' Ransomware in other ways, as well, such as via torrentscorrupted Web advertisements, spam e-mails or brute-force attacks against their network admin accounts. The consequence of exposure, for unprotected PCs, is losing access to dozens of formats of media invariably.

The '.lightning File Extension' Ransomware is from the 2.0 build of its family, meaning that its AES-DES and RSA encryptions routine for locking media is secure from third parties breaking it. Similarly to 'yoursalvations@protonmail.ch' Ransomware, the Thunder Ransomware or the Embrace Ransomware, it can use the AES or DES algorithms for locking documents, pictures, and other content, and, then, the RSA for protecting the key that it generates from doing so. The '.lightning' extension it adds, along with a bracketed e-mail address, don't remove the rest of the filename's text.

The traditional ransoming messages of the '.lightning File Extension' Ransomware's family use Notepad TXT files. Since paying these ransoms may or may not provoke the threat actor into delivering a decryptor to the victim, malware experts don't recommend doing so, especially for difficult-to-refund currencies like Bitcoin. Unfortunately, free decryption utilities are only available for the earlier versions of the Everbe@airmail.cc Ransomware.

Having the Right Lightning Protection for Your Media

The '.lightning File Extension' Ransomware is most capable of harming users who keep all of their documents, spreadsheets, archives, and other, traditional formats of media all in one place. Saving your work to a cloud server or a removable device will eliminate this file-locking Trojan's bargaining leverage for any ransom. Some users also may be fortunate enough to recover their files from intact Shadow Volume Copies, but one shouldn't assume that this is possible in all attacks from threats of this classification.

The fact that the '.lightning File Extension' Ransomware uses a Russian software site in its campaign doesn't mean that only Russian PC users are in danger. The '.lightning File Extension' Ransomware's family is compatible with most Windows versions and may use installation exploits that don't require visiting the site in question deliberately. However, a robust anti-malware service should eliminate the '.lightning File Extension' Ransomware immediately and before its file-locking routine begins.

The '.lightning File Extension' Ransomware is a shallow update for the Everbe Ransomware, but its authors needn't change a proven crime strategy too much. Windows users with any media worth anything should do the same, and take advantage of traditional and well-known solutions for keeping their files from being endangered.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to '.lightning File Extension' Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Posted: November 29, 2018
Home Malware Programs Ransomware '.lightning File Extension' Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.