LPER is a file-encrypting ransomware infection that restricts access to data (documents, images, videos) by encrypting files with the “.LPER” extension. It then attempts to extort money from victims by asking for “ransom”, in the form of Bitcoin cryptocurrency, in exchange for access to data.
When you are first infected with the LPER ransomware it will scan your computer for images, videos, and important productivity documents and files such as .doc, .docx, .xls, .pdf. When these files are detected, the ransomware will encrypt them and change their extension to “.LPER”, so that you are no longer able to open them.
Once the LPER ransomware has encrypted the files on your computer, it will display the “_readme.txt” file that contains the ransom note and instructions on how to contact the authors of this ransomware. The victims of this ransomware will be asked to contact these malware developers via the support@fishmail.top and datarestorehelp@airmail.cc email addresses.
This is the ransom note that the LPER ransomware will show to its victims:
ATTENTION!
Don’t worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://we.tl/t-oTIha7SI4s
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that’s price for you is $490.
Please note that you’ll never restore your data without payment.
Check your e-mail “Spam” or “Junk” folder if you don’t get answer more than 6 hours.
To get this software you need write on our e-mail:
support@fishmail.top
Reserve e-mail address to contact us:
datarestorehelp@airmail.cc
Here is a summary of the LPER ransomware:
Ransomware family: STOP/DJVU ransomware
Extensions: .LPER
Ransomware note: _readme.txt
Ransom: From $490 to $980 (in Bitcoins)
Contact: support@fishmail.top and datarestorehelp@airmail.cc emails
Symptoms: The images, videos, and other documents have the “.LPER” extension and cannot be opened by any programs
File recovery: Unfortunately, it is not currently possible to decrypt the files encrypted by the LPER ransomware. It may, though, be possible in the future if the decryption keys are recovered from the cybercriminals’ servers. Therefore, if you do not plan on paying the ransom, it is advised that you make an image of the encrypted drives so that you can decrypt them in the future.
How did the LPER ransomware get on my computer?
The LPER ransomware is distributed via spam email containing infected attachments, fake software cracks, or by exploiting vulnerabilities in the operating system and installed programs.
Here’s how the LPER ransomware might get on your computer:
Spam emails: Cybercriminals spam out an email, with forged header information, tricking you into believing that it is from a shipping company like DHL or FedEx. The email tells you that they tried to deliver a package to you, but failed for some reason. Sometimes the emails claim to be notifications of a shipment you have made. Either way, you can’t resist being curious as to what the email is referring to – and open the attached file (or click on a link inside the email). And with that, your computer is infected with the LPER ransomware.
Be alert for people trying to trick you. Whether it’s your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it’s easy to spoof phone numbers, so a familiar name or number doesn’t make messages more trustworthy.
- Cracks and keygens: The LPER ransomware is distributed using fake software cracks or through free programs you download off of the Internet.
- Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.
- Exploits: The LPER ransomware was also observed attacking victims by exploiting vulnerabilities in the program installed on the computer or the operating system itself. Commonly exploited software includes the operating system itself, browsers, Microsoft Office, and third-party applications.
- Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.
No comments:
Post a Comment