Langolier Ransomware Description
The Langolier Ransomware is another member of the Scarab Ransomware family that, like its predecessor, is a file locker Trojan. The criminals use these threats to try to extort computer users by preventing them from accessing their machines so that, if they do not have a backup of their files or there isn't a free decryptor available, they may end up deciding to pay the ransom the perpetrators of the hoax are asking for. To make the victim's files unavailable, the Langolier Ransomware will add the file extension 'langolier' to the targeted files, therefore changing their names and locking them. Then, the Langolier Ransomware will present its ransom note in a file called 'HOW TO RECOVER ENCRYPTED FILES.TXT,' which will be displayed on the computer user's desktop as soon as the Langolier Ransomware finishes the files' encryption. Although the ransom note does not specify the ransom amount, it provides two email addresses for contact, and the offer to send three files that will be decrypted for free, as long as they match the criminals' specifications. The ransom note presented by the Langolier Ransomware is transcribed below:
all your files have been encrypted.
Your personal ID:
If you want to recovery your files, you need the decryptor.
You should send us e-mail with your personal ID and 3 (three) files (non archived) to
receive the decryptor.
If your mail server doesn't send e-mail to our contacts, we recommended you to create
an e-mail on Protonmail.com (https://protonmail.com) or India.com (https://mail.india.com/account/login)
>>> Free decryption as guarantee!
Before paying you send us up to 3 files for free decryption.
The total size of files must be less than 10Mb (non archived!!!), and files should not contain
valuable information (databases, backups, large excel sheets, etc.). We recommeded to send pictures,
text files, sheets, etc.
* Do not rename encrypted files.
* Do not try to decrypt your data using third party software, it may cause permanent data loss.
* Decryption of your files with the help of third parties may cause increased price
(they add their fee to our) or you can become a victim of a scam.'
What the security researchers counsel is to accept their offer and send three carefully selected files so that in case the victims don't have backups of their files, or there's no free decryptor available, at least three important files will be back. What they do no counsel is to pay the ransom because once the criminals get the money, they can simply ignore the victims and go back to their business.