The LambdaLocker Ransomware is a new virus threat that is still under a security investigation. Read our removal guide to learn about the malware and discover how to remove active infections from your computer and protect yourself in the future.
About The LambdaLocker Ransomware
The LambdaLocker Ransomware is a new malware threat that has been discovered by the security experts. As it is a new threat not much detailed information is available about the virus.
What we know for sure is that it follows the typical infection pattern of similar threats – LambdaLocker Ransomware encrypts target user data of the infected host, crafts a ransomware note and extorts the victims for a ransomware payment.
At this moment we do not have the full list of target file type extensions. We assume that the developers of the virus have used the typical list which includes the most commonly used files. They include all backup images, multimedia files, documents, databases, configuration files and etc. All affected data receive the .lambda_l0cked extension.
The crafted ransomware note reads the following:
!!!WARNING!!!
Your files are encrypted by the LambdaLocker.
Your ID: 4530-1xxx-2xxx-5xxx
We used AES-256 and SHA-256 cipher to encrypt. So DO NOT try to crack your files.
The way to DECRYPT:
Step1: pay 0.5 Bitcoin to 1MJod*** (Case Sensitive, Please copy this address) in 1 month.
Step2: send an E-MAIL to lambdasquad.hl@yandex.com after you finish step 1
Format:
Subject: decryptLL
Body: [Your ID]P05 (Example:[1234-1234-1234]P05)
Step3: Please wait. We will send the decrypter and the key to you in 3 hours.
How to get Bitcoins and pay?
1. Register a Bitcoin Trade Platform.
2. Buy Bitcoins through the platform.
3. Pay 0.5 Bitcoins to 1MJodDvhmNG9ocRhhwvBzkGmttXP9ow7e2 and follow the decrypt step.
If you can’t understand, please Google: How can I buy and pay bitcoin?
Bitcoin Trade Platform recommend:
1. HuoBi (火币,China): https://www.huobi.com/
2. BtcTrade (China): http://www.btctrade.com
3. OKCoin: https://www.okcoin.cn/
4. Bter: https://bter.com/
5. JuBi (聚币,China): http://www.jubi.com/
6. Btc100 (China): https://www.btc100.cn/
7. BTC-e: https://btc-e.com/
8. Bitstamp: https://www.bitstamp.net/
9. GDAX: https://www.gdax.com/
10. CEX: https://cex.io/
Or you can use others.
If you have any questions, please e-mail lambdasquad.hl@yandex.com.
How Does The LambdaLocker Ransomware Infect Computers
January 2017 brought us the first identified samples of the LambdaLocker Ransomware virus. They were detected by the security researchers in several attack campaigns.
The primary methods of distribution employed by the virus include phishing email spam messages and infected installers that pose as carrying legitimate software and games downloaded from suspicious sites and P2P networks.
The virus targets users worldwide.
How To Remove The LambdaLocker Ransomware and Recover Affected Files
You can use a trusted anti-spyware solution to remove active infections and protect your computer .
Restore Data Using Data Recovery tools. This method is suggested by multiple experts in the field. It can be used to scan your hard drive’s sectors and hence scramble the encrypted files anew as if they were deleted. Most ransomware viruses usually delete a file and create an encrypted copy to prevent such programs for restoring the files, but not all are this sophisticated. So you may have a chance of restoring some of your files with this method. Here are several data recovery programs which you can try and restore at least some of your files: