Lizard Squad Ransomware Asks for Unusual Ransom Currency

The newest strain of ransomware discovered in the wild is called the Lizard Squad ransomware. The new variant does not seem to belong to any of the big ransomware families.

The ransomware acts like other variants - it encrypts files on the victim system and renders them useless. Once files are encrypted, they receive a new extension, made up of four randomly generated alphanumeric characters. This means that a file that was previously called "picture.jpg" will become something similar to "picture.jpg.hjd8:"

The ransomware affects document, media, archive and database file types.

The ransom note is deposited inside a file that uses Chinese characters, called "說明it.txt". The message in it is in both Chinese and English. Unlike almost every other recent ransomware clone that asks for payment in BTC, this one calls for ransom to be paid in Tether USDT.

The full ransom note goes as follows:

我來自一個名為：蜥蜴小隊的國際組織

我們是黑客組織

我的名字是：09先生

我會用你的電腦作為收款的抵押品

請支付：USDT-TRC20

金額：2000

付款地址：TRZRAM9KL5qv1BMrXxo876wetHfzT19sii

聯繫方式 ：woo090909 at mail2tor dot com

電報：@woo090909

付款後聯繫我，我會為你解鎖

如果您不付款，您的計算機和文件將被自動銷毀，

如果你真的想解決，請隨時支付費用，聯繫我，我會考慮給你打折

I'm from an international organization called: Lizard Squad

we are a hacker group

My name is: Mr. 09

I will use your computer as collateral for collection

Please pay: USDT-TRC20

Amount: 2000

Payment address: TRZRAM9KL5qv1BMrXxo876wetHfzT19sii

contact details : woo090909 at mail2tor dot com

telegraph: @woo090909

Contact me after payment and I will unlock it for you

If you do not pay, your computer and files will be automatically destroyed,

If you really want a fix, feel free to pay the fee, contact me and I'll consider giving you a discount