
LolKek Ransomware

Posted: October 22, 2020

The LolKek Ransomware is a file-locking Trojan that's from the BitRansomware Ransomware, a Ransomware-as-a-Service family. The LolKek Ransomware includes features especially helpful for sabotaging unprotected networks but may block users' files in most Windows environments. Users with backups on other, protected devices and credible anti-malware products for removing the LolKek Ransomware should be safe.

A Trojan's Merriment at Their Victim's Expense

The fledgling Ransomware-as-a-Service, BitRansomware Ransomware, started appearing in noticeable variants very soon. The first one malware experts cataloged as part of this black hat business, which loans Trojan software out to third-party attackers, is the LolKek Ransomware. Modest but mildly surprising changes to the payload show that it's more flexible than similar RaaSes, even if it's after the same money through similar attacks on data.

The LolKek Ransomware's name refers to both the 'laughing out loud' acronym popular around the Web and a similar abbreviation of laughter, often associated with either the political alt-right or video gaming communities. Malware experts see no hints in the samples of fake game cracks or similar tactics for circulating, but the samples do hide their real 'EXE' extensions behind fake 'TMP' or 'temporary file' ones. The threat actor also attempts to hide the Trojan through digital certificates, although the chain is unverified.

The LolKek Ransomware's encryption is the prime feature of its payload, which is its tool for blocking users' media, such as documents. It also opts for a slight variation on the original extension, capitalizing it as 'ReadMe' instead of the first BitRansomware Ransomware's 'readme.' Although the Trojan has a text file as a ransom note, it doesn't copy the earlier templates; instead, the threat actor provides a shorter message, with an e-mail and link (supposedly to a 'customer ticket' service) for negotiations.

Stifling a Hacker's Schadenfreude Effectively

The LolKek Ransomware includes features that help ensure a comprehensive sweep over the victims' files inside network environments, along with targeting 'hidden' drives and optimizing its encryption with multithreading techniques. Although many of the features help the LolKek Ransomware's family stand out a little from the pack, the best means of protecting media from file-locking Trojans are universally appropriate. All users, regardless of environment or preferred hardware, should save their backups onto protected devices, including cloud storage or detachable drives like USBs.

Users should also pay attention to the apparent formats of their downloads. Threats like the LolKek Ransomware are easily recognizable as threatening for users who enable visible extensions and watch for tactics like doubled extensions. Trojans like the LolKek Ransomware can circulate through many methods, although torrents, e-mail attachments, and Exploit Kit-based attacks are likely. Weak passwords can also instigate attacks from threat actors that personally install the Trojan.
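A defender-side check for the disguises described above (an executable stored under a 'TMP' name, or a doubled extension), given as an added example that is not part of the original article. The extension lists, function names and sample bytes are assumptions constructed for illustration.

```python
import struct
from pathlib import Path

# Assumed lists for illustration; tune them to your environment.
EXECUTABLE_EXTS = {".exe", ".dll", ".scr", ".com", ".sys"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt", ".tmp"}

def is_pe(data):
    """True if data has a DOS 'MZ' header whose e_lfanew field points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # An out-of-range offset yields an empty slice, so this is safe on short reads.
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"

def classify(name, data):
    """Return findings for one file, based on its name and its leading bytes."""
    findings = []
    suffixes = [s.lower() for s in Path(name).suffixes]
    ext = suffixes[-1] if suffixes else ""
    # Case 1: Windows executable content behind a non-executable name (e.g. '.tmp').
    if is_pe(data) and ext not in EXECUTABLE_EXTS:
        findings.append("pe-content-under-non-executable-extension")
    # Case 2: 'invoice.pdf.exe' style names that look harmless when extensions are hidden.
    if len(suffixes) >= 2 and ext in EXECUTABLE_EXTS and suffixes[-2] in DECOY_EXTS:
        findings.append("doubled-extension")
    return findings

def scan(directory, read_bytes=4096):
    """Walk a directory and return {path: findings} for every flagged file."""
    results = {}
    for path in Path(directory).rglob("*"):
        if not path.is_file():
            continue
        try:
            with path.open("rb") as fh:
                head = fh.read(read_bytes)
        except OSError:
            continue  # unreadable or locked file: skip it rather than abort the sweep
        hits = classify(path.name, head)
        if hits:
            results[str(path)] = hits
    return results

def sample_pe():
    """Constructed minimal header: 'MZ', padding, e_lfanew = 0x40, then 'PE\\0\\0'."""
    return b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + b"PE\0\0" + b"\0" * 20

if __name__ == "__main__":
    print(classify("a1b2c3.tmp", sample_pe()))
```

A hit is a reason to inspect the file, not a verdict: legitimate installers also unpack executables under temporary names.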

Efficient anti-malware tools can find most versions of BitRansomware Ransomware's family and should delete the LolKek Ransomware immediately. Its certificate-based obfuscation provides no current benefits versus threat-detection metrics.

The LolKek Ransomware laughs at those who don't protect their work despite files being at least as valuable as ransom money. It's a simple step that's appropriate for anyone on the Web, but especially for business entities with network-connected systems, which are significantly at risk from this family's data-blocking potential.
