What is LockerPay Ransomware?
Our malware analysts have recently found a new ransomware-type program called LockerPay Ransomware. Apparently, this application was designed to encrypt documents and images and pictures and then offer you to purchase a decryption key. You might want to decline the offer because there is no guarantee that the creators of this program will keep their word. You should consider removing this program instead of giving what the developers want because you cannot trust them. You need to act quickly because this ransomware is set to delete the encrypted files after 48 hours if you do not pay. You should wait for a free decryption tool to be made, but there is no guarantee that it will be made. For more information, read this whole article.
What does LockerPay Ransomware do?
Research has shown that LockerPay Ransomware was designed to encrypt files using an advanced encryption algorithm. However, researchers are not exactly sure which algorithm it uses, but it should be either the AES or RSA encryption algorithm. Malware researchers say that this particular program was designed to encrypt various documents and image files. This is the case probably because these types of files are more likely to contain personal and, thus, valuable information.
Once this encryption is finished, LockerPay Ransomware opens a window that contains the ransom note. It will also drop a file named “your_system_has_been_locked_INSTRUCTIONS.txt.” This file contains the same information as the opened window. The note says that your files have been encrypted and that you need to pay a ransom (the sum is not specified) to get your files back. The note also says that you have 48 hours to pay the ransom and that the encrypted files will be deleted if you fail to pay. Allegedly, you will receive the decryption key within 24 hours of making the payment. However, we cannot confirm this to be the case. Again, the developers might not give you the key after you pay whatever sum of money you were asked to pay. To pay, you have to message the developers via email at lockerpay64@yandex.ru, and you will be given further instructions on how to pay the ransom. Note that you have to purchase Bitcoins first as the developers will receive the payment in this cryptocurrency only.
Where does LockerPay Ransomware come from?
Our cyber security experts say that this particular program should be distributed via malicious email spam. The developers send emails to random users in the hopes of infecting their computers. It is said that the emails feature an attached file archive that contains the main executable. You have to open and extract and then run the executable manually for your PC to become infected. Unfortunately, the developers probably disguise the file to compel users to open it.
How do I remove LockerPay Ransomware?
We hope you found the information is this short article useful. It is evident that LockerPay Ransomware is a highly malicious computer infection that was designed to encrypt personal files and demand money. However, you should not comply with the demands to pay and remove this ransomware instead because there is no guarantee that you will get the key or if it will work. We recommend using SpyHunter’s free scanner to detect the malware and then go to its location and delete it manually since its name can be random.
Removal Guide
- Open the browser.
- Visit http://www.anti-spyware-101.com/download-sph
- Download SpyHunter-Installer.exe and run it.
- Launch the program and click Scan Computer Now!
- Copy the file path of the executable from the scan results.
- Simultaneously press Windows+E keys.
- Enter the file path in File Explorer’s address box and hit Enter.
- Find and right-click the executable file and then click Delete.
- Empty the Recycle Bin.
tested removal of LockerPay Ransomware*
0 Comments.