Ladon Ransomware Description
The Ladon Ransomware is an encryption ransomware Trojan. Like many other encryption ransomware Trojans that are currently active, the Ladon Ransomware is designed to make the victim's files inaccessible. The purpose of these attacks is to make the victim's files unusable and then demand payment of a ransom for the decryption key, which is essential to restoring the files. Threats like the Ladon Ransomware are becoming increasingly common, which is why computer users should ensure that their data is safe from them.
File Backups are the Weapons to Kill this Dragon
PC security researchers first received information about the Ladon Ransomware on March 26, 2018. The Ladon Ransomware seems to be designed to target computer users in Russia. There are several reasons for this: the Ladon Ransomware is being distributed through spam email messages targeting computer users in Russia and via bogus messages on Vkontakte, the main social network in Russia. The Ladon Ransomware also checks the targeted computer's keyboard layout to determine whether it is using the Russian language. The Ladon Ransomware attack itself is simple to understand: the Ladon Ransomware uses a strong encryption algorithm to make the victim's files inaccessible. The Ladon Ransomware also disables Windows recovery features, such as System Restore and the Shadow Volume copies of the victim's files. In this respect, the Ladon Ransomware's attack is no different from that of most encryption ransomware Trojans currently being used against computer users. The Ladon Ransomware targets user-generated files, which may include images, videos, sound files and a wide array of document types. Some of the file types that are commonly targeted by these infections include:
.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .zip.
The Ladon Ransomware's Ransom Demand
After encrypting the victim's files, the Ladon Ransomware delivers a ransom note to the desktop of the victim's computer. This ransom note alerts the victim to the attack and asks the victim to install the Tor Browser to load a payment page on the Dark Web. The Ladon Ransomware is very similar to other ransomware in the Dharma 2017 family and uses a very similar attack. One element it has in common with this threat is that the Ladon Ransomware provides the victim with a panel for 'chatting with an admin,' which supposedly allows victims to get in touch with the cybercrooks directly.
Protecting Your Data from Threats Like the Ladon Ransomware
The best protection against threats like the Ladon Ransomware is to keep file backups in cloud storage or on an external memory device. Having a way to recover the affected files easily means that victims do not need to pay the con artists to restore the files, since they can delete the corrupted files and replace them with a backup. It is important to remember that paying the Ladon Ransomware's fee is not a good idea: there is no guarantee that these people will assist with recovering the files, and it is likelier that payment will lead to additional losses.
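
Because the attack described above disables System Restore and removes Shadow Volume copies, watching for that step is a useful complement to backups. The following Python code is an added example, not part of the original description: it flags process command lines associated with removing local recovery options. This page does not say which commands the Ladon Ransomware runs, so the patterns are assumptions based on standard Windows utilities, and the log events, host names and user names are constructed.

```python
import re

# Assumed patterns: the page does not list Ladon's commands. These are standard
# Windows utilities that can remove or disable local recovery options.
RULES = [
    ("shadow_copy_delete", re.compile(r"\bvssadmin(\.exe)?\b.*\bdelete\s+shadows\b", re.I)),
    ("shadow_copy_delete", re.compile(r"\bwmic(\.exe)?\b.*\bshadowcopy\b.*\bdelete\b", re.I)),
    ("boot_recovery_disabled", re.compile(r"\bbcdedit(\.exe)?\b.*\brecoveryenabled\s+no\b", re.I)),
    ("backup_catalog_delete", re.compile(r"\bwbadmin(\.exe)?\b.*\bdelete\s+(catalog|systemstatebackup)\b", re.I)),
]

def classify(command_line):
    """Return the sorted rule names that match one process command line."""
    return sorted({name for name, rx in RULES if rx.search(command_line)})

def scan(events):
    """events: iterable of (host, user, command_line). Returns alerts per host.

    One matching rule is scored 'medium'; two or more distinct rules on the
    same host are scored 'high' (an assumed threshold for this example).
    """
    per_host = {}
    for host, user, cmd in events:
        for name in classify(cmd):
            per_host.setdefault(host, {}).setdefault(name, []).append((user, cmd))
    return {
        host: {"severity": "high" if len(hits) >= 2 else "medium", "hits": hits}
        for host, hits in per_host.items()
    }

# Constructed sample process-creation events (not taken from a real incident).
SAMPLE_EVENTS = [
    ("WS-014", "ivanov", r'"C:\Windows\System32\vssadmin.exe" Delete Shadows /All /Quiet'),
    ("WS-014", "ivanov", r"bcdedit /set {default} recoveryenabled No"),
    ("WS-022", "backup-svc", r"vssadmin list shadows"),
    ("SRV-03", "admin", r"wbadmin delete catalog -quiet"),
    ("WS-031", "petrova", r"C:\Program Files\Office\winword.exe report.docx"),
]

if __name__ == "__main__":
    for host, alert in sorted(scan(SAMPLE_EVENTS).items()):
        print(host, alert["severity"], sorted(alert["hits"]))
```

Feed `scan` the command-line field from whatever process-creation logging is already collected; read-only commands such as listing shadow copies do not match.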