LambdaLocker Ransomware

LambdaLocker Ransomware Overview
The LambdaLocker Ransomware is a new malware threat that is still under investigation by the researchers. From the initial analysis it seems that its behavior patterns follow the typical scenario – the virus initiates its encryption engine which acts against target file types. The victims are then extorted to pay a ransom fee. We assume that the malware creators target the most popularly used user data such as various multimedia, backup images, configuration files, documents and etc.

LambdaLocker Ransomware Note
"!!!WARNING!!!""Your files are encrypted by the LambdaLocker.""Your ID: 4530-1xxx-2xxx-5xxx""We used AES-256 and SHA-256 cipher to encrypt. So DO NOT try to crack your files.""The way to DECRYPT:""Step1: pay 0.5 Bitcoin to 1MJod*** (Case Sensitive, Please copy this address) in 1 month.""Step2: send an E-MAIL to lambdasquad.hl@yandex.com after you finish step 1""Format:""Subject: decryptLL""Body: [Your ID]P05 (Example:[1234-1234-1234]P05)""Step3: Please wait. We will send the decrypter and the key to you in 3 hours.""How to get Bitcoins and pay?""1. Register a Bitcoin Trade Platform.""2. Buy Bitcoins through the platform.""3. Pay 0.5 Bitcoins to 1MJodDvhmNG9ocRhhwvBzkGmttXP9ow7e2 and follow the decrypt step.""If you can’t understand, please Google: How can I buy and pay bitcoin?""Bitcoin Trade Platform recommend:""1. HuoBi (火币,China): https://www.huobi.com/""2. BtcTrade (China): http://www.btctrade.com""3. OKCoin: https://www.okcoin.cn/""4. Bter: https://bter.com/""5. JuBi (聚币,China): http://www.jubi.com/""6. Btc100 (China): https://www.btc100.cn/""7. BTC-e: https://btc-e.com/""8. Bitstamp: https://www.bitstamp.net/""9. GDAX: https://www.gdax.com/""10. CEX: https://cex.io/""Or you can use others.""If you have any questions, please e-mail lambdasquad.hl@yandex.com."

LambdaLocker Ransomware Distribution
The first identified samples of the LambdaLocker Ransomware were identified in several attack campaigns in January 2017. It is primarily aimed at English and Chinese speaking users. The virus is primarily distributed using e-mail spam messages and infected software and game installers found on hacked or malicious download sites and P2P networks.

LambdaLocker Ransomware Removal Instructions
In-depth removal instructions and detailed technical information about the virus can be found on Best Security Search.