LockMe Ransomware

Posted: February 6, 2018

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	8/10
Infected PCs:	80

First Seen:	January 23, 2024
Last Seen:	January 23, 2024
OS(es) Affected:	Windows

The LockMe Ransomware is a file-locker Trojan that can use encryption to withhold your files from you until you agree to its ransom, even though paying doesn't always deliver an unlocking solution. The LockMe Ransomware also may modify its payload slightly for corresponding to the user's local language settings. Users who want to keep their media secure should maintain updated backups and have their anti-malware programs delete the LockMe Ransomware upon its detection.

The Trojan that's Fluent in Extorting Bitcoins

Threat actors began another campaign using the blocking of files as a motivator for Bitcoin ransoms, as of February. The new Trojan of the LockMe Ransomware is modular and may or may not be RaaS-based, and malware researchers are still investigating all possible infection exploits. While many of its characteristics are standard, the LockMe Ransomware does have an exceptionally flexible means of delivering its ransom notes.

Like many file-locking threats from recent years, the LockMe Ransomware uses modules for compartmentalizing its functions and making their loading and unloading as simple as possible. Right now, the LockMe Ransomware includes a data-uploading module, but only for handling its Notepad ransom messages, by selecting the appropriate instructions for the user's local language. Malware experts are estimating that the LockMe Ransomware, in development, was Russian, although its attacks tailor themselves to victims around the world.

Regardless of the language, the LockMe Ransomware's messages ask for just over two hundred USD in Bitcoins for recovering your files and use e-mail negotiations for further assistance. The LockMe Ransomware's central attack function and an AES-based encryption routine will scan different formats of data that it can block for motivating the ransom's payment. Searching for the '.lockme encrypted' extension can identify any locked media, and the LockMe Ransomware also salts each file's internal data.

Free Yourself from a LockMe Ransomware Attack

Since it's without a definite family, free decryption solutions may or may not be capable of retrieving any content that the LockMe Ransomware is locking. Victims can contact experienced PC security researchers, ones with long-term experience with file-locking threats particularly, for additional help on any emergency data-recovery methods that may be available. Backups, especially ones isolated on separate devices, are the most secure defense against the LockMe Ransomware's payload, and one that malware experts always endorse.

Most file-locking threats use some combination of e-mail messages, associated file attachments or brute-force assaults against network logins to compromise a PC. However, there also exist some campaigns that abuse lesser-used techniques, such as website-running exploit kits and torrents. Scanning your downloads with proper security software can facilitate catching and removing the LockMe Ransomware before it causes issues, which always is simpler than unlocking your media after the fact.

The LockMe Ransomware is a simple but ambitious Trojan that can customize its attacks for an array of targets geographically. Stopping your files from becoming the next victims of the LockMe Ransomware's silver tongue is always as simple as minding your basic standards for data storage and Web security.

LockMe Ransomware

Threat Metric

The Trojan that's Fluent in Extorting Bitcoins

Free Yourself from a LockMe Ransomware Attack

Leave a Reply