Easy2Lock Ransomware

By GoldSparrow in Ransomware

Translate To:

The Easy2Lock Ransowmare operates as a typical crypto locker threat. It attempts to infiltrate the targeted computer undetected and then proceeds to encrypt most of the files stored on it. Users will be 'locked' from accessing their personal or business-related data effectively, which in some cases may have dire consequences. The criminals behind the Easy2Lock Ransowmare then extort money from their victims in exchange for the possible restoration of the encrypted files. Every locked file will have its name changed to include '.easy2lock' as a new extension. Unlike most other ransomware threats that simply leave their ransom notes as a .txt or .hta file in all folders containing encrypted data, the Easy2Lock Ransowmare creates a separate text file for every single encrypted file. The names of the files carrying the ransom note are derived from the corresponding file's name but having '_read_me' appended at the end. The text of the ransom note is one and the same in all of the files.

The hackers claim that the Easy2Lock Ransowmare, apart from encrypting the user's data with an uncrackable algorithm, also has deleted or encrypted the potential backups. Victims are instructed to contact the criminals by sending an email to any of the three provided email addresses -

leroy3564@protonmail.com
donovan4039@airmail.cc
darryl8227@msgsafe.io

There's no mention of a specific sum demanded for the decryption tool; neither is it mentioned if the money must be sent as Bitcoin or another popular cryptocurrency.

Victims of the Easy2Lock Ransowmare are advised to remain calm and avoid following the instructions of the hackers. Providing any amount of funds to the criminals will only be used to expand their threatening activities further.

The full text of the ransom note dropped by the Easy2Lock Ransowmare is:

'Your network has been penetrated.

All files on each host in the network have been encrypted with a strong algorythm.

Backups were either encrypted or deleted.

Do not rename or move the encrypted files.

To get the files back contact us at:

leroy3564@protonmail.com

donovan4039@airmail.cc

darryl8227@msgsafe.io

Store the encryption key:'

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Easy2Lock Ransomware

Submit Comment

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen