The Lostdata Ransomware is a malware threat created for the sole purpose of locking the data of its victims. After being deployed to the targeted computers, Lostdata will engage its encryption routine that will render most of the documents, archives, databases, images and other file types completely unusable. The attackers will then extort the victims for money.
When the Lostdata Ransomware encrypts a file, it also heavily modifies that file's original name. In fact, it will completely replace the names of the locked files with an email address followed by a lengthy string of random characters. Finally, '.cbf' will be attached as a new file extension. The email address found in the file names is 'firstname.lastname@example.org.' Unlike the vast majority of ransomware threats, Lostdata doesn't drop a dedicated file containing its ransom note. Instead, an extremely brief message from the attackers is delivered via an image that will be set as the system's new desktop background.
The shown instructions lack many important details. The Lostdata Ransomware doesn't mention the amount that its operators are demanding to receive as a ransom or if the money must be transmitted using a specific cryptocurrency. All that the targets of the threat are told is that they will have to contact the 'email@example.com' email address to receive additional instructions.
The full text of the ransom note left by Lostdata Ransomware is:
'Attention, your data is encrypted, to restore Files, write mail firstname.lastname@example.org'