Lokf Ransomware Description
Ransomware threats are among the most profitable malware out there. An increasing number of cyber crooks try their luck with building and propagating threats of this type, and some of them manage to generate a significant amount of revenue. At the beginning of November, malware experts spotted a new ransomware threat dubbed Lokf Ransomware. Upon dissecting it, they found that it belongs to the STOP Ransomware family – the most active ransomware family in all of 2019.
Propagation and Encryption
Cybersecurity researchers have not yet concluded how the Lokf Ransomware is being distributed. It is being speculated that the attackers likely rely on mass spam email campaigns. Usually, the emails would contain a message riddled with social engineering tricks that aim to get the user to launch the attached file by making it seem important yet harmless. It is very important to be wary of attachments in emails from unknown sources as they can cause you a fair bit of trouble. There are other propagation methods, but spam emails are by far the most popular technique. Once the Lokf Ransomware infects your computer, it will begin looking for the files it was programmed to target. Ransomware authors make sure their creations can lock almost all of the common file types and therefore ensure maximum destruction. Usually, threats like the Lokf Ransomware will encrypt .jpeg, .jpg, .pdf, .doc, .docx, .mp3, .mp4, .mov, .ppt, .pptx and countless other file types, which are likely to be found on any user’s system. When the Lokf Ransomware encrypts a targeted file, it also alters its file name by adding ‘.lokf’ extension to it. This means that, for example, an audio file that was called ‘daydream.mp3’ previously will be renamed to ‘daydream.mp3.lokf’ once the encryption process of the Lokf Ransomware is completed.
The Ransom Note
The Lokf Ransomware will drop a ransom note on the victim’s desktop named ‘_readme.txt’ – a trademark of file-locking Trojans that belong to the STOP Ransomware family. The attackers demand $980 as a ransom fee but claim that victims who make contact with them within 72 hours will only have to pay half of the original price - $490. As a way to prove to the user that they are capable of unlocking the damaged files, the creators of the Lokf Ransomware offer to unlock one file free of charge, as long as it does not contain any important data. The authors of the Lokf Ransomware provide two email addresses where the user can get in touch with them – ‘email@example.com’ and ‘firstname.lastname@example.org.’
It is not recommended to contact cybercriminals, and it is certainly not a good idea to give them your hard-earned cash. Such individuals are known to trick users into paying the ransom fee but never holding up their end of the deal. A safer approach in this difficult situation is to trust a reputable anti-malware solution to clear your system of the Lokf Ransomware.
Do You Suspect Your PC May Be Infected with Lokf Ransomware & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Lokf Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.