Threat Database Ransomware Levis Locker Ransomware

Levis Locker Ransomware

By CagedTech in Ransomware

The Levis Locker Ransomware is named after the media creator LewissTechYT whose photo is incorporated into the lockscreen used by the Ransomware. The Levis Locker Ransomware was discovered while researchers were looking into spam emails carrying suspicious files. The distribution scheme for the Levis Locker Ransomware involves logos from trusted companies, banks, and NGOs with the aim to convince users into opening a macro-enabled attachment.

The Levis Locker Ransomware Makes Outrages Accusations and Directs Users to Pay a Fee Using MoneyPak

The Levis Locker Ransomware is a Trojan that is designed to lock the screen of the user and display a rather disturbing message. The Levis Locker lock screen features accusations that the user is engaged in browsing illegal materials including child pornography, bestiality, torture and rape. These allegations are more than likely to trigger an angry reaction from many users. The successful infiltration of the Levis Locker Ransomware results in your desktop being locked, outrages accusations displayed on your screen, and a fee of 500 USD requested to bring down the charges. The Levis Locker Ransomware is not a file coder and does not behave the same way as threats like the '.VforVendetta File Extension' Ransomware and the '_morf56@meta.ua_ File Extension' Ransomware do. You can take a deep breath and rest assured the Levis Locker Ransomware is not likely to encrypt your data. We have seen the Levis Locker Ransomware display the following notification:

'ATTENTION! Your dextop has been locked due to illegal activity online!
In order for your computer to be unlocked, you must pay $500 to Lewis
You’re IP address is: [your IP]
You have been caught viewing illegal material online, including, but not limited to:
Child Pornography
This computer will be destroyed in:
[countdown timer starting from 24 hours]'

The Levis Locker Ransomware Disables Built-In Tools on Windows to Hinder Removal

The Levis Locker lock screen can not be removed easily since it is generated by a Trojan that disables tools like the Task Manager, CMD utility and the Registry editor. However, computer experts reveal there is a workaround that would enable users to bypass the Levis Locker Ransomware. You will need to access the MSCONFIG utility and enable boot into Safe Mode followed by a restart of the PC. That way you will be able to load your desktop as normal and have the opportunity to deal with the Levis Locker Ransomware effectively. We should note that the initial release of the Levis Locker Ransomware does not support an encryption engine, but we may see versions that make alterations to files stored on your drives. Thus, you might want to install a backup manager as a preemptive measure. Security experts recommend using a credible anti-malware scanner to find and delete the executable behind the Levis Locker lock screen. AV software may flag executable associated with the Levis Locker Ransomware as:

  • MSIL.Trojan-Ransom.Winlock.I
  • MSIL11.E
  • Msil.Troj.Ransom!c
  • Ransom.Winlock
  • Ransom_LEVILOCK.A
  • Trojan.MSIL.gen.18

SpyHunter Detects & Remove Levis Locker Ransomware

File System Details

Levis Locker Ransomware may create the following file(s):
# File Name MD5 Detections
1. file.exe ad5205a55d46f1adc620a552e13434ac 0


Most Viewed