LoveLock Ransomware Description
The LoveLock Ransomware is a ransomware Trojan that has a name similar to a previously released ransomware Trojan known as Love2Lock Ransomware. However, PC security researchers have not observed a direct relationship between these two threats. The LoveLock Ransomware was first detected on February 16, 2017 and related to various other ransomware Trojans released recently, including the Hermes Ransomware and the Portuguese CryptoLocker variant. The LoveLock Ransomware is delivered using phishing email messages containing corrupted email attachments. In most cases, the LoveLock Ransomware targets medium and small businesses, as well as corporate networks, although the LoveLock Ransomware also can be responsible for attacks on individuals.
The Love that should be Locked
Like other ransomware Trojans, the main purpose of the LoveLock Ransomware is to encrypt the victims' files and then asks for ransom. One aspect of the LoveLock Ransomware that makes it slightly different from many other ransomware Trojans is that it encrypts a limited amount of file types, which may be because con artists wanted to ensure that the LoveLock Ransomware attack was as fast as possible. It seems that the version of the LoveLock Ransomware being distributed is still in progress currently. This is because the versions of the LoveLock Ransomware uncovered by PC security researchers limit their attack to a folder named 'test 2' located on the infected computer's Desktop. This is a test version of the LoveLock Ransomware clearly, and it is very likely that a full version of the LoveLock Ransomware will be released eventually (if it has not been released already). The LoveLock Ransomware will scan the victim's computer in search for the following file types:
.ASP, .ASPX, .CSV, .DOC, .DOCX, .HTML, .JPG, .MDB, .ODT, .PHP, .PNG, .PPT, .PPTX, .PSD, .SLN, .SQL, .TXT, .XLS, .XLSX, .XML.
How the LoveLock Ransomware Carries out Its Attack
The LoveLock Ransomware uses a strong encryption algorithm to encrypt the files it finds that match the file extensions listed above. The LoveLock Ransomware is based on HiddenTear, an open source ransomware project that has been the source for countless ransomware variants. After encrypting the victim's files, the LoveLock Ransomware sends the decryption key to its Command and Control server, making it impossible for the victim or PC security researchers to obtain it from the infected computer. The files that are encrypted using the LoveLock Ransomware can be identified easily because the LoveLock Ransomware will add the extension '.hasp' to the end of each of the affected files. The LoveLock Ransomware delivers its ransom note in the form of a program window, but in the case of the current incomplete version of the LoveLock Ransomware, the window simply says 'Test 1.'
Dealing with a the LoveLock Ransomware Infection
Fortunately, the versions of the LoveLock Ransomware observed currently are not operational and will not cause damage to victims' files. However, it seems a trivial task to create a fully operational version of the LoveLock Ransomware. Because of this, PC security researchers advise that computer users take steps to protect their files and computers from these attacks. The best precautionary measure computer users can take to ensure that their files are safe from threats like the LoveLock Ransomware is to have backups of all files on an external memory device or the cloud. If computer users can recover the files encrypted by the LoveLock Ransomware from a backup, then the creators of this threat lose any leverage they have to demand the payment of a ransom from their victims. Apart from file backups, PC security researchers advise computer users to have a reliable security program that is fully up-to-date. The phishing email messages that have been linked to the LoveLock Ransomware make it likely that the LoveLock Ransomware will use corrupted file attachments and a social engineering message in its attack, making it very important that computer users learn how to handle emails safely.
Infected with LoveLock Ransomware? Scan Your PC for FreeDownload SpyHunter’s Spyware Scanner
to Detect LoveLock Ransomware * SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.
Security Doesn't Let You Download SpyHunter or Access the Internet?
Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
If you still can't install SpyHunter? View other possible causes of installation issues.