LMAO Ransomware Asks for $800 in Ransom
During an examination of newly discovered files, our team of researchers came across a ransomware variant called LMAO. This particular malware, which is based on the Chaos ransomware, is specifically designed to encrypt data and then demand a ransom for decrypting it.
When tested on our laboratory machine, LMAO successfully encrypted various files and added a ".LMAO" extension to their original filenames. For example, a file named "1.jpg" would be transformed into "1.jpg.LMAO," while "2.png" became "2.png.LMAO," and so on. Once the encryption process was finished, LMAO generated a ransom note named "read_it.txt."
The ransom message delivered by LMAO explicitly informs the victim that their files have been encrypted. The note goes on to explain that only the attackers possess the necessary decryption software to restore the compromised data. The price for obtaining the decryption tool is specified as $800 in Bitcoin cryptocurrency.
LMAO Ransom Note Uses Bad Language
The full LMAO ransom note reads as follows:
Your computer has been f**ked by the LMAO ransomware, Your files have been encrypted and you won't
be able to decrypt them without our help.What can I do to get my files back?You can buy our special
decryption software, this software will allow you to recover all of your data and remove the
ransomware from your computer, The price for the software is $800, Payment can be made in Bitcoin only.
How do I pay, where do I get Bitcoin?
Purchasing Bitcoin varies from country to country, you are best advised to do a quick google search
yourself to find out how to buy Bitcoin.
Many of our customers have reported these sites to be fast and reliable:
Coinmama - hxxps://www.coinmama.com Bitpanda - hxxps://www.bitpanda.comPayment informationAmount: 0.02901543 BTC
Bitcoin Address: (alphanumeric string)
Why Is it Not a Good Idea to Pay Ransom to Hackers?
Paying a ransom to hackers is generally considered a bad idea due to several reasons:
- No guarantee of data recovery: There is no guarantee that paying the ransom will result in the restoration of your encrypted data. Hackers may not fulfill their end of the deal or provide a working decryption key, leaving you with both lost data and financial loss.
- Reinforces criminal activities: By paying the ransom, you are indirectly funding and encouraging the criminal activities of hackers. This motivates them to continue targeting individuals and organizations with ransomware attacks, perpetuating the cycle of cybercrime.
- Encourages future attacks: When hackers successfully extort money through ransomware attacks, they are likely to target the same victim again or seek out new targets. Paying the ransom can label you as a willing target, attracting further attacks and making you vulnerable to future threats.
- Supports the development of more sophisticated attacks: Ransom payments provide hackers with financial resources to invest in developing more advanced and potent malware. This leads to the creation of new variants or improved versions of ransomware, posing an increased threat to individuals and organizations worldwide.
- Legal and ethical implications: Paying a ransom may have legal consequences, as it may involve financing criminal activities. It is also important to consider the ethical implications of supporting criminal behavior and contributing to a thriving underground economy.
Instead of paying the ransom, it is recommended to follow these steps:
Report the incident: Notify law enforcement agencies and appropriate cybersecurity organizations about the attack. This helps in tracking down the hackers and preventing further attacks.
Isolate and secure affected systems: Immediately disconnect the infected systems from the network to prevent the ransomware from spreading to other devices. Preserve the encrypted data and any available backups for potential analysis or future decryption methods.
Consult cybersecurity experts: Engage the services of cybersecurity professionals who specialize in ransomware incidents. They can provide guidance, evaluate the situation, and explore possible recovery options.
Restore from backups: If you have regularly backed up your data, you can restore your systems and files from those backups once they have been thoroughly cleaned and secured.
Strengthen security measures: Enhance your cybersecurity defenses by implementing robust security practices, including regular software updates, strong passwords, multi-factor authentication, employee training, and proactive monitoring to detect and mitigate future threats.