Remove Leeme Ransomware

Leeme Ransomware is a peculiar file-locker that, surprisingly, does not belong to any of the popular ransomware families. Its creators may have coded it from scratch but, unfortunately, this is not necessarily good news. Their file-locking mechanism appears to be very safe, so it is impossible to reverse-engineer the process in order to help victims. Of course, Leeme Ransomware's criminals are after the money of their victim. Their demands include a ransom payment of $250 that must be paid via Bitcoin.

What Does the Leeme Ransomware Do?

This ransomware focuses on encrypting popular file formats. If it infects a machine successfully, it immediately scans the hard drive to find suitable files for encryption. The primary file types it targets are media, documents, archives, databases, and backups. When it encrypts a file, it will append a random string of four characters to the end of its name – e.g. ozkb.

Of course, the Leeme Ransomware also drops a ransom message for the victim. The file, called leeme.txt, is available on the desktop of the infected machine. It contains a ransom note in Spanish and English. The criminals offer to sell a custom decryptor for $250, and they advise the victim to message them at recoveryscmyfiles@mail2tor.com for further assistance.

Leeme Ransomware Ransom Note

Needless to say, asking cybercriminals for help is not the best idea. They may ask for more money after the first payment, and you might never get a decryptor. Our advice is to ignore the offer of Leeme Ransomware's creators. Instead, use an antivirus scanner to eliminate the threat fully, preventing it from causing more damage. Once the danger is gone, you can proceed to restore your files from a backup, or with the help of popular data recovery tools and methods.

September 7, 2021

Leave a Reply