LMAO Ransomware Asks for $800 in Ransom

During an examination of newly discovered files, our team of researchers came across a ransomware variant called LMAO. This particular malware, which is based on the Chaos ransomware, is specifically designed to encrypt data and then demand a ransom for decrypting it.

When tested on our laboratory machine, LMAO successfully encrypted various files and added a ".LMAO" extension to their original filenames. For example, a file named "1.jpg" would be transformed into "1.jpg.LMAO," while "2.png" became "2.png.LMAO," and so on. Once the encryption process was finished, LMAO generated a ransom note named "read_it.txt."

The ransom message delivered by LMAO explicitly informs the victim that their files have been encrypted. The note goes on to explain that only the attackers possess the necessary decryption software to restore the compromised data. The price for obtaining the decryption tool is specified as $800 in Bitcoin cryptocurrency.

LMAO Ransom Note Uses Bad Language

The full LMAO ransom note reads as follows:

Your computer has been f**ked by the LMAO ransomware, Your files have been encrypted and you won't
be able to decrypt them without our help.What can I do to get my files back?You can buy our special
decryption software, this software will allow you to recover all of your data and remove the
ransomware from your computer, The price for the software is $800, Payment can be made in Bitcoin only.
How do I pay, where do I get Bitcoin?
Purchasing Bitcoin varies from country to country, you are best advised to do a quick google search
yourself to find out how to buy Bitcoin.
Many of our customers have reported these sites to be fast and reliable:
Coinmama - hxxps://www.coinmama.com Bitpanda - hxxps://www.bitpanda.com

Payment informationAmount: 0.02901543 BTC
Bitcoin Address: (alphanumeric string)

Why Is it Not a Good Idea to Pay Ransom to Hackers?

Paying a ransom to hackers is generally considered a bad idea due to several reasons:

  • No guarantee of data recovery: There is no guarantee that paying the ransom will result in the restoration of your encrypted data. Hackers may not fulfill their end of the deal or provide a working decryption key, leaving you with both lost data and financial loss.
  • Reinforces criminal activities: By paying the ransom, you are indirectly funding and encouraging the criminal activities of hackers. This motivates them to continue targeting individuals and organizations with ransomware attacks, perpetuating the cycle of cybercrime.
  • Encourages future attacks: When hackers successfully extort money through ransomware attacks, they are likely to target the same victim again or seek out new targets. Paying the ransom can label you as a willing target, attracting further attacks and making you vulnerable to future threats.
  • Supports the development of more sophisticated attacks: Ransom payments provide hackers with financial resources to invest in developing more advanced and potent malware. This leads to the creation of new variants or improved versions of ransomware, posing an increased threat to individuals and organizations worldwide.
  • Legal and ethical implications: Paying a ransom may have legal consequences, as it may involve financing criminal activities. It is also important to consider the ethical implications of supporting criminal behavior and contributing to a thriving underground economy.

Instead of paying the ransom, it is recommended to follow these steps:

Report the incident: Notify law enforcement agencies and appropriate cybersecurity organizations about the attack. This helps in tracking down the hackers and preventing further attacks.

Isolate and secure affected systems: Immediately disconnect the infected systems from the network to prevent the ransomware from spreading to other devices. Preserve the encrypted data and any available backups for potential analysis or future decryption methods.

Consult cybersecurity experts: Engage the services of cybersecurity professionals who specialize in ransomware incidents. They can provide guidance, evaluate the situation, and explore possible recovery options.

Restore from backups: If you have regularly backed up your data, you can restore your systems and files from those backups once they have been thoroughly cleaned and secured.

Strengthen security measures: Enhance your cybersecurity defenses by implementing robust security practices, including regular software updates, strong passwords, multi-factor authentication, employee training, and proactive monitoring to detect and mitigate future threats.

By Zaib
June 15, 2023
Ransomware
English
June 15, 2023
Ransomware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Ransomware

Kriptor Ransomware Asks for Bitcoin Ransom

Yet another strain of file-encrypting malware was spotted in the wild. The newest strain is called the Kriptor ransomware. The Kriptor ransomware will encrypt almost every file on a system, leaving files essential to... Read more

July 25, 2022
Ransomware

Wizard Ransomware Asks for Modest Ransom

Wizard ransomware is the name of a newly discovered strain of file-encrypting malware. The new variant does nothing special. It will encrypt most files on the targeted computer, leaving them scrambled and unreadable.... Read more

September 30, 2022
Ransomware

Canadian Ransomware Asks for Ransom in Canadian Dollars

Canadian ransomware is the name assigned to a newly discovered strain of file-encrypting malware. The new ransomware variant works like most similar malware - it will encrypt files on the victim system and leave them... Read more

November 21, 2022
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.