
Lizehopm Ransomware

Posted: October 9, 2020

The Lizehopm Ransomware is a file-locking Trojan that comes from the Snatch Ransomware family. The Lizehopm Ransomware may block the user's media files with encryption and delivers ransom notes that sell the unlocking solution. Users should always back their work up for safety and allow anti-malware tools to remove the Lizehopm Ransomware whenever they identify it.

Further File-Snatching from Increasingly-Visible Trojans

In the threat landscape, few families of Trojans can compete with the affordability of freeware like Hidden Tear or easy-to-use resources like Ransomware-as-a-Service offerings. Nevertheless, the Snatch Ransomware is doing its best as more and more variants of this once-small Trojan family continue appearing. The Lizehopm Ransomware is a late example, bearing the typical naming scheme of its kind, which more closely resembles a random grab-bag of letters than any etymologically meaningful word.

In both name and ransom notes, the Lizehopm Ransomware has a strong resemblance to other Snatch Ransomware ancestors, such as the Cndqmi Ransomware, the Gvlbsjz Ransomware, the Hbdalna Ransomware, and the Mcauwpjib Ransomware. Its most important feature to any victim is the data encryption routine, which may 'lock' files from opening and impact such valuable formats as pictures, music, and documents. The Lizehopm Ransomware's name is added as an extension to these files, fortunately without removing the previous contents.

The Lizehopm Ransomware creates multiple text files in every location with any blocked files. Its note is in English and follows the same flow as most Snatch Ransomware campaigns, with e-mail addresses being the only difference in contents. Users should always have backups on other devices or cloud services as an easy out from these ransom demands, which, while often unreliable, are sometimes the only means of decrypting the singular copies of any files.
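For restoring from backup after an incident, the appended-extension behavior described above makes it possible to list which original file names are affected. The following is an added example, not part of the original article: it assumes the appended extension is the lower-case family name (`.lizehopm`), and the function names and sample tree are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

# Assumption: the appended extension is the family name in lower case.
LOCKED_SUFFIX = ".lizehopm"

def triage(root, suffix=LOCKED_SUFFIX):
    """Return {relative dir: {"restore": [...], "note_candidates": [...]}}."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        locked = sorted(f for f in files
                        if f.lower().endswith(suffix) and len(f) > len(suffix))
        if not locked:
            continue  # no locked files here, nothing to restore
        rel = os.path.relpath(dirpath, root).replace(os.sep, "/")
        report[rel] = {
            # The extension is appended, so stripping it gives the name
            # to look up in the backup set.
            "restore": [f[:-len(suffix)] for f in locked],
            # Text files beside locked files are reviewed as possible notes.
            "note_candidates": sorted(f for f in files
                                      if f.lower().endswith(".txt")),
        }
    return report

def demo():
    """Build a constructed sample tree in a temp directory and triage it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for rel in ("docs/report.docx.lizehopm", "docs/budget.xlsx.LIZEHOPM",
                    "docs/CONSTRUCTED_NOTE.txt", "pics/cat.jpg.lizehopm",
                    "pics/CONSTRUCTED_NOTE.txt", "clean/readme.txt"):
            path = root / rel
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_bytes(b"constructed sample")
        return triage(root)

if __name__ == "__main__":
    for folder, info in sorted(demo().items()):
        print(folder, info)
```

Run `triage()` against a mounted copy of the affected volume rather than the live system, and use the `restore` lists as the lookup keys into the backup set.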

Trimming Trojan Family Trees Down to Shrubs

Besides the behavioral traits that the Lizehopm Ransomware shares with many file-locking Trojans, its Snatch Ransomware birthright points to the abuse of Windows Safe Mode. Rebooting the computer into this mode disables many programs and features, including some security-related ones, and gives the Lizehopm Ransomware additional freedom for blocking files. As an extra tangle, malware researchers see no current signs of free decryption services being very likely for any offshoot of the Snatch Ransomware family.

Still, users have many means of protecting their files before the Lizehopm Ransomware unleashes its payload. Disabling some browser features, such as JavaScript and Flash, and installing appropriate updates will remove many vulnerabilities. Using strong passwords will prevent criminals from hijacking accounts by brute force. Scanning files from e-mail, torrents, or other unusual download sources before opening them will catch many embedded Trojan droppers and similar threats.

None of these protections fully takes the place of a well-maintained backup for recovering the files that this Trojan locks. Similarly, there are no replacements for dedicated cyber-security programs for identifying, quarantining or uninstalling the Lizehopm Ransomware.

All samples of the Lizehopm Ransomware keep tight-lipped concerning their distribution exploits and possibly phishing lures. Until malware experts uncover more of its campaign, users should guard all infection vectors with equal diligence.
