'Lavandos@dr.com' Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 10
First Seen: December 1, 2016
Last Seen: September 17, 2020
OS(es) Affected: Windows

The 'Lavandos@dr.com' Ransomware is an encryption ransomware threat that con artists use to extort computer users, demanding payment in exchange for access to their files. The 'Lavandos@dr.com' Ransomware is being used to attack both individual computer users and Web servers. It works by encrypting the victim's files so that they become inaccessible. The 'Lavandos@dr.com' Ransomware has been responsible for attacks around the world. The files it encrypts can be identified easily by the extension '.[Lavandos@dr.com]', which is added to the end of each affected file's name. The 'Lavandos@dr.com' Ransomware is being distributed both through corrupted email spam attachments and by hacking into Web servers with poor security protection, particularly those that have weak passwords or have not been updated with the latest security patches.

Unfolding the 'Lavandos@dr.com' Ransomware Infection

The 'Lavandos@dr.com' Ransomware infection is not difficult to understand. The 'Lavandos@dr.com' Ransomware may be installed through a social engineering method combined with a spam email campaign. Once the 'Lavandos@dr.com' Ransomware is installed on the victim's computer, it uses an AES encryption algorithm to encrypt the victim's files. The 'Lavandos@dr.com' Ransomware searches for certain file types during its attack, typically targeting files that could have some value to computer users and that could be difficult to replace, such as work-related documents or media files. The 'Lavandos@dr.com' Ransomware and similar ransomware threats encrypt files with the following extensions:

.3GP, .7Z, .APK, .AVI, .BMP, .CDR, .CER, .CHM, .CONF, .CSS, .CSV, .DAT, .DB, .DBF, .DJVU, .DBX, .DOCM, .DOC, .EPUB, .DOCX, .FB2, .FLV, .GIF, .GZ, .ISO, .IBOOKS, .JPEG, .JPG, .KEY, .MDB, .MD2, .MDF, .MHT, .MOBI, .MHTM, .MKV, .MOV, .MP3, .MP4, .MPG, .MPEG, .PICT, .PDF, .PPS, .PKG, .PNG, .PPT, .PPTX, .PPSX, .PSD, .RAR, .RTF, .SCR, .SWF, .SAV, .TIFF, .TIF, .TBL, .TORRENT, .TXT, .VSD, .WMV, .XLS, .XLSX, .XPS, .XML, .CKP, .ZIP, .JAVA, .PY, .ASM, .C, .CPP, .CS, .JS, .PHP, .DACPAC, .RBW, .RB, .MRG, .DCX, .DB3, .SQL, .SQLITE3, .SQLITE, .SQLITEDB, .PSD, .PSP, .PDB, .DXF, .DWG, .DRW, .CASB, .CCP, .CAL, .CMX, .CR2.

The files that have been compromised by the 'Lavandos@dr.com' Ransomware will no longer be readable by the victim's applications. The 'Lavandos@dr.com' Ransomware drops a ransom note on the victim's Desktop. The ransom note reads as follows:

'hallo, our dear friend!
looks like you have same troubles with your security
all your files are now encrypted.
using third-party recovering software will corrupt your data
you have only one way to get them back safely - using our decryption tool
to get original decryption tool contact us with email in subject like write your ID, which you can find in name of every crypted file, also attach to email 3 crypted files
lavandos@dr.com
it is in your interest to respond as soon as possible to ensure the restoration of your files, because we won't keep your decryption keys at our servers more than 72 hours in interest of our security
P S only in case you don't receive a response from the first email address within 24 hours, please use this alternative email address
lavandos@idina.com'

How to Recover from a 'Lavandos@dr.com' Ransomware Infection

Unfortunately, if the 'Lavandos@dr.com' Ransomware has encrypted your files, there is no free decryption utility available. Because of this, computer users will have to take preventive measures rather than react to an infection. Fortunately, preventing 'Lavandos@dr.com' Ransomware attacks is relatively simple. As with most ransomware Trojans, the best method is to have backups of all files. If computer users can easily recover their files after an attack by restoring them from a backup, then the people responsible for the 'Lavandos@dr.com' Ransomware attack have no leverage to demand money from the victim. A good backup method, combined with a strong anti-malware program and preventive measures when handling spam email and other risky content online, can help prevent the 'Lavandos@dr.com' Ransomware and most other encryption ransomware Trojans active today.
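To scope a restore from backup, the following added example (not part of the original write-up) walks a directory tree for the '.[Lavandos@dr.com]' suffix described above, counts affected files per directory, and reports the earliest modification time among them as a rough guide for picking a backup taken before encryption began. The function names, sample file names and timestamps are constructed for illustration, and modification times are only an approximation because they can be altered.

```python
import os
import tempfile
from collections import Counter
from datetime import datetime, timezone

# Suffix the page says is appended to every encrypted file name (lowercased).
MARKER = ".[lavandos@dr.com]"

def scan(root):
    """Return a triage summary of marker-suffixed files under root."""
    per_dir = Counter()
    earliest = None
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            # Windows file names are case-insensitive, so compare lowercased.
            if not name.lower().endswith(MARKER):
                continue
            try:
                mtime = os.stat(os.path.join(dirpath, name)).st_mtime
            except OSError:
                continue  # file vanished or is unreadable; skip it
            per_dir[dirpath] += 1
            if earliest is None or mtime < earliest:
                earliest = mtime
    first = None
    if earliest is not None:
        first = datetime.fromtimestamp(earliest, tz=timezone.utc)
    return {"total": sum(per_dir.values()), "per_dir": dict(per_dir), "first_write": first}

def make_sample_tree(root):
    """Constructed sample data: two marker-suffixed files and one untouched file."""
    docs = os.path.join(root, "docs")
    os.makedirs(docs)
    samples = [
        (os.path.join(docs, "report.docx.[Lavandos@dr.com]"), 1480600000),
        (os.path.join(root, "photo.jpg.[LAVANDOS@DR.COM]"), 1480603600),
        (os.path.join(docs, "notes.txt"), 1480500000),
    ]
    for path, mtime in samples:
        with open(path, "wb") as fh:
            fh.write(b"constructed sample")
        os.utime(path, (mtime, mtime))  # fixed timestamps keep the output repeatable
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        summary = scan(make_sample_tree(tmp))
        print(summary["total"], "marked files; earliest write", summary["first_write"])
        for directory, count in sorted(summary["per_dir"].items()):
            print(f"{count:5d}  {directory}")
```

Directories with no hits can be left out of the restore, and a backup older than the reported earliest write is the safer starting point.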
