Lizard Squad Ransomware
The Lizard Squad Ransomware threat is designed to encrypt the data found on any breached devices specifically. The malware initiates an encryption routine that uses a sufficiently strong cryptographic algorithm so that victims will be unable to easily restore their files. The attackers then attempt to extort money from the affected users or companies. The Lizard Squat, in particular, appears to be targeting mostly Chinese-speaking users.
Whenever the ransomware encrypts a file, it also will append a random four-character string to the file's name as a new extension. When all targeted file types - documents, PDFs, archives, photos, databases, etc., have been encrypted, the Lizard Squad will proceed to create a text file named '說明it.txt.' Inside the file, victims will find a ransom note written in Chinese, as well as an English translation. In addition, the threat also will change the current desktop background image with a new one.
According to the message of the note, the cybercriminals demand to be paid a ransom worth 2000 USDT-TRC20 crypto-coins. This means that the hackers will accept payments made only with Tether’s cryptocurrency issued on the TRON network. After transferring the money, victims are instructed to contact the threat actors by sending a message to the provided email address at 'woo090909@mail2tor.com' or Telegram account at '@woo090909.'
The full text of the ransom note left by Lizard Squad Ransomware is:
'我來自一個名為:蜥蜴小隊的國際組織
我們是黑客組織
我的名字是:09先生
我會用你的電腦作為收款的抵押品請支付:USDT-TRC20
金額:2000
付款地址:TRZRAM9KL5qv1BMrXxo876wetHfzT19sii
聯繫方式 :woo090909@mail2tor.com
電報:@woo090909
付款後聯繫我,我會為你解鎖
如果您不付款,您的計算機和文件將被自動銷毀,
如果你真的想解決,請隨時支付費用,聯繫我,我會考慮給你打折'
'I'm from an international organization called: Lizard Squad
we are a hacker group
My name is: Mr. 09
I will use your computer as collateral for collectionPlease pay: USDT-TRC20
Amount: 2000
Payment address: TRZRAM9KL5qv1BMrXxo876wetHfzT19sii
contact details : woo090909@mail2tor.com
telegraph: @woo090909
Contact me after payment and I will unlock it for you
If you do not pay, your computer and files will be automatically destroyed,
If you really want a fix, feel free to pay the fee, contact me and I'll consider giving you a discount.'
