Ladon Ransomware

What is Ladon Ransomware?

Ladon Ransomware is a malware that marks its enciphered files with .ladon extension (e.g., panda.jpg.ladon). Provided your data have this specific extension, and you are seeing ransom notes asking you to pay for decryption tools, we strongly recommend reading the rest of this article. Further, in the report, we will discuss the malicious programs working manner, its distribution methods, risks of paying the ransom, how to restore files without the decryption tool, and other vital details. Moreover, at the end of this text, we will add instructions prepared by our researchers at Anti-spyware-101.com. They will show how you could eliminate Ladon Ransomware manually by deleting files belonging to it. Users who have more questions about removal or the threat itself can leave us comments below the article tool.

Where does Ladon Ransomware come from?

So far there is no information on how Ladon Ransomware could be distributed. In fact, our specialists believe it is possible the malware is already inactive as it appears to be extremely difficult to find fully-working installers of it. Nonetheless, this is not the first ransomware we have encountered and the experience we obtained while testing lots of other threats alike allows us to list the main distribution channels. For starters, the malware might travel with infected Spam emails as it is one of the most popular distribution methods. Besides, same as viruses or Trojans it might be bundled with suspicious freeware application, pirated software, malicious tools, and so on. If this is the case, users could receive the infection while visiting various file-sharing web pages or clicking doubtful pop-up advertisements.

How does Ladon Ransomware work?

The main malware’s task is to encipher data the user would not want to lose, e.g., photographs, text documents, videos, and so on. Afterward, Ladon Ransomware may create text documents called READ_ME.HTML or READ_ME.txt in each directory containing encrypted data or just on the user’s Desktop. These documents should include a text explaining what happened to user’s files and how to get them back. In lots of cases, the note says you have to contact cybercriminals who developed the malicious program for further instructions. Also, quite often ransom notes demand to pay a specific price, and usually the malware’s developers wish to receive it in Bitcoins or another cryptocurrency alike.

What you should know about paying the ransom is the hackers do not offer any refunds, and there are no reassurances they will not keep asking for more money. In short, there is a possibility they could try to scam you. The cybercriminals might even offer decryption tools when in reality they do not have them themselves. This is why our researchers recommend against paying the ransom. The safest solution to restore enciphered data is to use backup copies or any copies you can obtain. However, for safety reasons, make sure you erase Ladon Ransomware before placing any copies or new data on the system.

How to delete Ladon Ransomware?

There are two ways to make Ladon Ransomware leave your computer for good. Probably, the easiest one is to scan the system and erase the malware in question along with other potential threats by pressing the removal button; all you have to do is choose a legitimate antimalware tool that could perform the scan. The second option is to follow our provided instructions available slightly below, although we cannot guarantee these steps will work for everyone or eliminate the threat entirely. Naturally, we do not recommend choosing it if you are not experienced with malicious programs and their removal.

Get rid of Ladon Ransomware

1. Press Ctrl+Alt+Delete.
2. Select Task Manager.
3. Search for the malware’s process.
4. Select this process and click End Task.
5. Leave Task Manager.
6. Tap Windows key+E.
7. Navigate to the following paths:
   %TEMP%
   %USERPROFILE%\desktop
   %USERPROFILE%\downloads
8. Find the file that infected the device.
9. Right-click the malicious file and press Delete.
10. Locate the malware’s ransom notes, right-click them one by one and press Delete.
11. Close File Explorer.
12. Empty your Recycle bin.
13. Restart the system. Download Removal Tool100% FREE spyware scan and
    tested removal of Ladon Ransomware*