Levis Locker Ransomware

Levis Locker Ransomware Description

Type: Ransomware

The Levis Locker Ransomware is named after the media creator LewissTechYT whose photo is incorporated into the lockscreen used by the Ransomware. The Levis Locker Ransomware was discovered while researchers were looking into spam emails carrying suspicious files. The distribution scheme for the Levis Locker Ransomware involves logos from trusted companies, banks, and NGOs with the aim to convince users into opening a macro-enabled attachment.

The Levis Locker Ransomware Makes Outrages Accusations and Directs Users to Pay a Fee Using MoneyPak

The Levis Locker Ransomware is a Trojan that is designed to lock the screen of the user and display a rather disturbing message. The Levis Locker lock screen features accusations that the user is engaged in browsing illegal materials including child pornography, bestiality, torture and rape. These allegations are more than likely to trigger an angry reaction from many users. The successful infiltration of the Levis Locker Ransomware results in your desktop being locked, outrages accusations displayed on your screen, and a fee of 500 USD requested to bring down the charges. The Levis Locker Ransomware is not a file coder and does not behave the same way as threats like the '.VforVendetta File Extension' Ransomware and the '_morf56@meta.ua_ File Extension' Ransomware do. You can take a deep breath and rest assured the Levis Locker Ransomware is not likely to encrypt your data. We have seen the Levis Locker Ransomware display the following notification:

'ATTENTION! Your dextop has been locked due to illegal activity online!
In order for your computer to be unlocked, you must pay $500 to Lewis
You’re IP address is: [your IP]
You have been caught viewing illegal material online, including, but not limited to:
Child Pornography
Bestiality
Torture
Rap
This computer will be destroyed in:
[countdown timer starting from 24 hours]'

The Levis Locker Ransomware Disables Built-In Tools on Windows to Hinder Removal

The Levis Locker lock screen can not be removed easily since it is generated by a Trojan that disables tools like the Task Manager, CMD utility and the Registry editor. However, computer experts reveal there is a workaround that would enable users to bypass the Levis Locker Ransomware. You will need to access the MSCONFIG utility and enable boot into Safe Mode followed by a restart of the PC. That way you will be able to load your desktop as normal and have the opportunity to deal with the Levis Locker Ransomware effectively. We should note that the initial release of the Levis Locker Ransomware does not support an encryption engine, but we may see versions that make alterations to files stored on your drives. Thus, you might want to install a backup manager as a preemptive measure. Security experts recommend using a credible anti-malware scanner to find and delete the executable behind the Levis Locker lock screen. AV software may flag executable associated with the Levis Locker Ransomware as:

  • MSIL.Trojan-Ransom.Winlock.I
  • MSIL11.E
  • Msil.Troj.Ransom!c
  • Ransom.Winlock
  • Ransom_LEVILOCK.A
  • Trojan.MSIL.gen.18

Technical Information

File System Details

Levis Locker Ransomware creates the following file(s):
# File Name MD5 Detection Count
1 file.exe ad5205a55d46f1adc620a552e13434ac 0

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.