Threat Database Ransomware LooCipher Ransomware

LooCipher Ransomware

By GoldSparrow in Ransomware

Malware researchers have uncovered a new data-locking Trojan recently. Its name is LooCipher Ransomware, which appears to be a humorous spinoff of one of the alternative names of Satan – Lucifer. It seems that the LooCipher Ransomware does not belong to any of the popular ransomware families.

Cybersecurity experts have not been able to determine what the exact methods of propagation of the LooCipher Ransomware are, but it is highly likely that the infections vectors used for spreading this file-encrypting Trojan may be the usual suspects – spam email campaigns, faux software updates and corrupted pirated applications. If the LooCipher Ransomware manages to infiltrate a PC, it will scan it to determine the locations of the files, which it has been programmed to go after. Once this is completed, the LooCipher Ransomware will start encrypting all the files that have been targeted. When a file undergoes the encryption process of the LooCipher Ransomware, it will have its name altered. The LooCipher Ransomware adds an extension ‘.lcphr’ to the newly locked files. This means that a photo, which was named ‘Seattle-sunset.jpeg’ originally will be renamed to ‘Seattle-sunset.jpeg.lcphr’ and you will no longer be able to open it or use it in any manner. After the encryption process is through, the LooCipher Ransomware will go on to drop its ransom note and change the wallpaper of the victim with an image containing a ransom message. The note dropped by the LooCipher Ransomware is named ‘@Please_Read_Me.txt’ five questions and answers, which are meant to shed some light onto the situation.

Furthermore, just to make sure they get their message across, the authors of the LooCipher Ransomware also have programmed their threat to display a pop-up window containing a ransom message. The attackers demand ‘at least’ €300 in BTC and provide instruction on how to obtain BTC. In the pop-up window, there is a timer, and the attackers state that the victims have only five days to pay up or their files will be deleted permanently.

It is never a good idea to contact cybercriminals. They are known for their lack of scruples, and you will likely be left empty-handed even if you follow all their instructions to the dot. Instead, you should look into obtaining a reputable anti-malware application and use it to remove the LooCipher Ransomware from your computer.


Most Viewed