A;8 2K =5 2848B5 745AL 87>1@065=89, B> 8A?>;L7C9B5 VPN. (8D@>20;LI8: (28@CA-H0=B068AB). 0I8B0 >B ?@>3@0<<-H8D@>20;LI8:>2. 0: C40;8BL 28@CA-H8D@>20;LI8:? (8D@>20;LI8:8 — MB> 2@54>=>A=K5 ?@>3@0< 0==K9 A09B — MB> !" 8  !"' 8=D>@<0F88 > H8D@>20;LI8:0E 8 2A52>7<>6=KE 2K<>30B5;OE. 2B>@A:85 AB0BL8, 8=AB@C:F88 4;O ?>AB@0402H8E, @5:><5=40F88 ?> 70I8B5 8 ?@>D8;0:B8:5 C3@>7K Ransomware. ;02=0O 2545=85 >2>AB8 ?> H8D@>20;LI8:0< !?8A>: ID Ransomware ;>AA0@89 5=50;>38O  1;>35 =;09=-70O2;5=85 Free HELP! C:>2>4AB2> 4;O ?>AB@0402H53> !?>A>1K 70I8BK > CGH85 <5B>4K 70I8BK ><>IL A09BC Ransomware FAQ 0: C40;8BL H8D@>20;LI8: 8 2>AAB0=>28BL 40==K5? 5H8D@>2I8:8 Anti-Ransomware 0< =C6=0 ?><>IL? Freeware 8 <09=8=3 >=B0:B #A;>28O 8A?>;L7>20=8O 8=D>@<0F88 B?@028BL D09; =0 0=0;87 0:07 B5AB-@0AH8D@>2:8 Drive-by Downloads 5 <8D>2 > 157>?0A=>AB8 Windows 0I8B0 >@30=870F88 >B Ransomware =0;87 70B@0B-?>B5@L >B RW 0I8B0 RDP >B RW 0I8B0 C40;5==>9 @01>BK >B RW 0I8B0 1M:0?>2 >B RW #A;>28O >?@0240=8O 8 @5018;8B0F88 "5;5D>==>5 <>H5==8G5AB2> ?OB=8F0, 13 O=20@O 2017 3. LambdaLocker LambdaLocker Ransomware (H8D@>20;LI8:-2K<>30B5;L) -B>B :@8?B>-2K<>30B5;L H8D@C5B 40==K5 ?>;L7>20B5;59 A ?><>ILN AES+RSA 8 SHA-256, 0 70B5< B@51C5B 2K:C? 2 0,5-1 18B:>8=, GB>1K 25@=CBL D09;K. 0720=85 >@838=0;L=>5. © 5=50;>38O: LambdaLocker. 0G0;>  70H8D@>20==K< D09;0< 4>102;O5BAO @0AH8@5=85 .lambda_l0cked 7>1@065=85 =5 ?@8=04;568B H8D@>20;LI8:C :B82=>ABL MB>3> :@8?B>-2K<>30B5;O ?@8H;0AL =0 O=20@L 2017 3. @85=B8@>20= =0 0=3;>O7KG=KE 8 :8B09A:8E ?>;L7>20B5;59, GB> =5 <5H05B @0A?@>AB@0=OBL 53> ?> 2A5 0?8A:8 A B@51>20=85< 2K:C?0 =07K20NBAO: READ_IT.hTmL 0?8A0=K =0 0=3;89A:>< 8 :8B09A:>< O7K:0E. !>45@60=85 70?8A:8 > 2K:C?5: !!!WARNING!!! Your files are encrypted by the LambdaLocker. Your ID: 4530-1xxx-2xxx-5xxx We used AES-256 and SHA-256 cipher to encrypt. So DO NOT try to crack your files. The way to DECRYPT: Step1: pay 0.5 Bitcoin to 1MJod*** (Case Sensitive, Please copy this address) in 1 month. Step2: send an E-MAIL to [email protected] after you finish step 1 Format: Subject: decryptLL Body: [Your ID]P05 (Example:[1234-1234-1234]P05) Step3: Please wait. We will send the decrypter and the key to you in 3 hours. How to get Bitcoins and pay? 1. Register a Bitcoin Trade Platform. 2. Buy Bitcoins through the platform. 3. Pay 0.5 Bitcoins to 1MJodDvhmNG9ocRhhwvBzkGmttXP9ow7e2 and follow the decrypt step. If you can't understand, please Google: How can I buy and pay bitcoin? Bitcoin Trade Platform recommend: 1. HuoBi (k
,China): https://www.huobi.com/ 2. BtcTrade (China): http://www.btctrade.com 3. OKCoin: https://www.okcoin.cn/ 4. Bter: https://bter.com/ 5. JuBi (Z
,China): http://www.jubi.com/ 6. Btc100 (China): https://www.btc100.cn/ 7. BTC-e: https://btc-e.com/ 8. Bitstamp: https://www.bitstamp.net/ 9. GDAX: https://www.gdax.com/ 10. CEX: https://cex.io/ Or you can use others. If you have any questions, please e-mail [email protected]. !!!fJ!!! ¨„@ ‡öòÏ«LambdaLocker Æ. ¨„ID : 4530-1099-2139-5329 ì(†AES-256ŒSHA-256 Æ,÷ Õþ4ã. ã
¹: ,�e:(�* /Ø0.5Ôy
00@ 1MJodDvhmNG9ocRhhwvBzkGmttXP9ow7e2 (:'™,÷Œt0 6) ,Œe:Œ,�eK,Ñ
®ö0 [email protected] <: ®ö˜:decryptLL ®ö ¹:[¨„ID]P05 (>‹:[1234-1234-1234]P05) , e:÷I .ìŠØ¥Œã
(3ö Ñ
Ù¨. ‚U—0Ôy
v/Ø? 1.èŒ�*Ôy
¤sð. 2.Çsð-pÔy
. 3.Çsð/Ø0.5Ôy
01MJodDvhmNG9ocRhhwvBzkGmttXP9ow7e2vçíã
e¤. ‚œØ ‘î÷ Q":‚U-pv/ØÔy
Ôy
¤sð¨P: 1.YunBi(‘
,China):https://yunbi.com/ 2.BtcTrade(China):http://www.btctrade.com 3.OKCoin:https://www.okcoin.cn/ 4.Bter:https://bter.com/ 5.JuBi(Z
,China):http://www.jubi.com/ 6.Btc100(China):https://www.btc100.cn/ 7.BTC-e:https://btc-e.com/ 8.Bitstamp:https://www.bitstamp.net/ 9.GDAX:https://www.gdax.com/ 10.CEX:https://cex.io/ ¨_ïå(vք. ‚œ¨ ûU‘î,÷Ñ
®öó[email protected] 5@52>4 70?8A:8 =0 @CAA:89 O7K:: !!! # !!! 0H8 D09;K 70H8D@>20=K A ?><>ILN LambdaLocker. 0H ID: 4530-1xxx-2xxx-5xxx K 8A?>;L7>20;8 AES-256 8 SHA-256 H8D@K 4;O H8D@>20=8O. >B> CBL : 45H8D@>2:5: (03 1: ?;0B8BL 0,5 Bitcoin =0 1MJod *** (GC2AB28B5;L=> : @538AB@C, A:>?8@C9B5 MB>B 04@5A) 2 B5G5=85 1 <5AOF0. (032: >B?@028BL email =0 [email protected] ?>A;5 1-3> H030 $>@<0B: "5<0: decryptLL "5;>: [0H ID]P05 (@8<5@: [1234-1234-1234]P05) (03 3: >4>648B5. K ?@8H;5< 45:@8?B5@ 8 :;NG 20< 70 3 G0A0. 0: ?>;CG8BL 18B:>8=K 8 70?;0B8BL? 1. 0@538AB@8@>20BLAO 2 Bitcoin Trade Platform. 2. C?8BL 18B:>8=K G5@57 ?;0BD>@ 3. ?;0B8BL 0,5 18B:>8=0 =0 1MJodDvhmNG9ocRhhwvBzkGmttXP9ow7e2 8 40;55 H03 45H8D@>20=8O. A;8 2K =5 <>65B5 ?>=OBL, ?>60;C9AB0 3C3;8B5: How can I buy and pay bitcoin? Bitcoin Trade Platform @5:><5=4C5B: 1. HuoBi (k
, 8B09): https://www.huobi.com/ 2. BtcTrade (8B09): http://www.btctrade.com 3. OKCoin: https://www.okcoin.cn/ 4. Bter: https://bter.com/ 5. JUBI (Z
, 8B09): http://www.jubi.com/ 6. Btc100 (8B09): https://www.btc100.cn/ 7. BTC-5: https://btc-e.com/ 8. Bitstamp: https://www.bitstamp.net/ 9. GDAX: https://www.gdax.com/ 10. CEX: https://cex.io/ ;8 2K <>65B5 8A?>;L7>20BL 4@C385. A;8 C 20A 5ABL ;N1K5 2>?@>AK, ?>60;C9AB0, ?8H8B5 =0 email [email protected] 0A?@>AB@0=O5BAO 8;8 <>65B @0A?@>AB@0=OBLAO A ?><>ILN email-A?0<0 8 2@54>=>A=KE 2;>65=89, M:A?;>9B>2, D0;LH82KE >1=>2;5=89, ?5@5?0:>20==KE 8 70@06Q==KE 8=AB0;;OB>@>2. !<. B0:65 "A=>2=K5 A?>A>1K @0A?@>AB@0=5=8O :@8?B>2K<>30B5;59" =0 22>4=>9 AB@0=8F5 1;>30. 0?CAB82H8AL 2@54>=>A 7025@H0NB @01>BC A;54CNI8E A;C61: MariaDB MSSQL MSSQL56 MSSQLServer OracleServiceORCL !?8A>: D09;>2KE @0AH8@5=89, ?>425@30NI8EAO H8D@>20=8N: .1cd, .7z, .accdb, .backup, .cd, .cdr, .dbf, .doc, .docx, .dwg, .jpeg, .jpg, .mdb, .odt, .pdf, .psd, .rar, .rtf, .sqlite, .tiff, .xls, .xlsx, .zip (23 @0AH8@5=8O). -B> 4>:C<5=BK MS Office, OpenOffice, PDF, B5:AB>2K5 D09;K, 107K 40==KE, D>B>3@0D88, @8 H8D@>20=88 ?@>?CA:0NBAO D09;K, =0E>4OI85AO 2 48@5:B>@8OE: ProgramFiles Windows $09;K, A2O70==K5 A MB8< Ransomware: READ_IT.hTmL LambdaLocker.exe baiduyunSimple.exe 0A?>;>65=8O: %SystemDrive%\READ_IT.hTmL %SystemDrive%\lf.lst %SystemDrive%\!A_NOTICE_FROM_LAST %SystemDrive%\lalove.inf0 [PATH TO MALWARE]\#Cyb3rGh0st_S0c13tyF@ck3r 0?8A8 @55AB@0, A2O70==K5 A MB8< Ransomware: !<. =865 @57C;LB0BK 0=0;87>2. !5B52K5 ?>4:;NG5=8O 8 A2O78: [email protected] !<. =865 @57C;LB0BK 0=0;87>2. 57C;LB0BK 0=0;87>2: 81@84=K9 0=0;87 >> IQ >> VirusTotal 0=0;87 >> IQ >> Symantec: Ransom.LambdaLocker >> !B5?5=L @0A?@>AB@0=Q==>AB8: A@54=OO. >4@>1=K5 A2545=8O A>18@0NBAO @53C;O@=>. 1=>2;5=85 >B 5 0?@5;O 2017: 5@A8O: LambdaLocker Python !C<<0 2K:C?0: 1 BTC $09;K: kukuvruku.exe, reloader.exe 0AH8@5=85: .lambda_l0cked &5;52K5 D09;K: .gif, .htm, .html, .pdf, .txt 8 4@C385. AB0=02;8205B ?@>F5AAK: mysql, MySQL56, mssqlserver, OracleServiceORCL, MongoDB, MariaDB, postgresql 025@H05B 7040G8 ?@>F5AA>2: mysql.exe, IM oracle.exe, sqlserver.exe, IM Apache.exe 57C;LB0BK 0=0;87>2: HA + VT >2K9 2845>@>;8: >> 1=>2;5=85 >B 7 0?@5;O 2017: 57C;LB0BK 0=0;87>2: HA+VT 1=>2;5=85 >B 27 8N;O 2017: >AB 2 "28BB5@5 >> 0?8A:0: !UNLOCK_guiDE.tXT 8 O@;K: UNLOCK_guiDE 0AH8@5=85: .MyChemicalRomance4EVER $09;: VortexVPN.exe 57C;LB0BK 0=0;87>2: VT !:@8=H>B 70?8A:8 8 !?8A>: @0AH8@5=89: =8<0=85! ;O 70H8D@>20==KE D09;>2 5ABL 45H8D@>2I8: !:0G0BL LambdaLocker Fix 4;O 45H8D@>2:8 >> Read to links : Tweet on Twitter ID Ransomware (ID as LambdaLocker) Tweet on Twitter + Write-up + Video review Thanks : Michael Gillespie Symantec Chris Doman GrujaRS © Amigo-A (Andrew Ivanov): All blog articles. 2B>@: Amigo A =0 B?@028BL ?> M;5:B@>==>9 ?>GB5 0?8A0BL >1 MB>< 2 1;>35 ?C1;8:>20BL 2 Twitter ?C1;8:>20BL 2 Facebook >45;8BLAO 2 Pinterest !;54CNI55 @54K4CI55 ;02=0O AB@0=8F0 >AB>O==K5 G8B0B5;8 My tweet feed Follow me! My profile on BC Follow me! $>@<0 4;O A2O78 / Contact  -;5:B@>==0O ?>GB0 * !>>1I5=85 * Translate / 5@52>4 ><>38B5 45BO !B0=LB5 >1@K< >;H51=8:> ><>IL 682>B=K< -B> =5 @5:;0<0. ><>38B5, G5< <>65B5! Yandex search / /=45:A-?>8A: %@>=>;>38O Ransomware ► 2010 (2) ► O=20@O (1) ► >:BO1@O (1) ► 2012 (3) ► D52@0;O (1) ► <0@B0 (1) ► 45:01@O (1) ► 2013 (6) ► 023CAB0 (2) ► A5=BO1@O (2) ► 45:01@O (2) ► 2014 (10) ► <0@B0 (5) ► 023CAB0 (1) ► A5=BO1@O (1) ► >:BO1@O (2) ► 45:01@O (1) ► 2015 (21) ► O=20@O (1) ► D52@0;O (1) ► <0@B0 (2) ► 0?@5;O (2) ► <0O (4) ► 8N;O (1) ► 023CAB0 (1) ► A5=BO1@O (2) ► >:BO1@O (2) ► =>O1@O (3) ► 45:01@O (2) ► 2016 (338) ► O=20@O (13) ► D52@0;O (14) ► <0@B0 (28) ► 0?@5;O (14) ► <0O (32) ► 8N=O (35) ► 8N;O (26) ► 023CAB0 (23) ► A5=BO1@O (31) ► >:BO1@O (37) ► =>O1@O (40) ► 45:01@O (45) ▼ 2017 (551) ▼ O=20@O (40) OpenToYou First Red Alert EdgeLocker GOG X3M BTCamant FireCrypt Globe3 MafiaWare SkyName Ocelot Locker Evil Nemesis Spora Marlboro NMoreira 2.0 LambdaLocker Kaandsona CryptoSweetTooth Havoc Mobef-CryptoFag Satan RaaS GarryWeber DN, DoNotOpen CloudSword Sage 2.0 ZekwaCrypt VxLock Funfact RanRan, ZXZ Potato CryptConsole 1.0 RansomPlus XCrypt 7zipper Zyka SureRansom Netflix CryptoShield 1.0 ► D52@0;O (39) ► <0@B0 (55) ► 0?@5;O (43) ► <0O (82) ► 8N=O (52) ► 8N;O (52) ► 023CAB0 (45) ► A5=BO1@O (41) ► >:BO1@O (32) ► =>O1@O (35) ► 45:01@O (35) ► 2018 (281) ► O=20@O (25) ► D52@0;O (23) ► <0@B0 (29) ► 0?@5;O (26) ► <0O (20) ► 8N=O (20) ► 8N;O (31) ► 023CAB0 (22) ► A5=BO1@O (14) ► >:BO1@O (20) ► =>O1@O (28) ► 45:01@O (23) ► 2019 (221) ► O=20@O (32) ► D52@0;O (16) ► <0@B0 (22) ► 0?@5;O (17) ► <0O (13) ► 8N=O (17) ► 8N;O (18) ► 023CAB0 (12) ► A5=BO1@O (16) ► >:BO1@O (21) ► =>O1@O (19) ► 45:01@O (18) ► 2020 (247) ► O=20@O (25) ► D52@0;O (24) ► <0@B0 (22) ► 0?@5;O (20) ► <0O (22) ► 8N=O (22) ► 8N;O (19) ► 023CAB0 (19) ► A5=BO1@O (19) ► >:BO1@O (22) ► =>O1@O (18) ► 45:01@O (15) ► 2021 (173) ► O=20@O (20) ► D52@0;O (12) ► <0@B0 (10) ► 0?@5;O (12) ► <0O (17) ► 8N=O (23) ► 8N;O (10) ► 023CAB0 (12) ► A5=BO1@O (12) ► >:BO1@O (13) ► =>O1@O (14) ► 45:01@O (18) ► 2022 (95) ► O=20@O (14) ► D52@0;O (12) ► <0@B0 (11) ► 0?@5;O (9) ► <0O (9) ► 8N=O (9) ► 8N;O (9) ► 023CAB0 (5) ► A5=BO1@O (5) ► >:BO1@O (6) ► =>O1@O (4) ► 45:01@O (2) ► 2023 (46) ► O=20@O (3) ► D52@0;O (2) ► <0@B0 (6) ► 0?@5;O (6) ► <0O (6) ► 8N=O (1) ► 8N;O (3) ► 023CAB0 (5) ► A5=BO1@O (6) ► >:BO1@O (4) ► =>O1@O (2) ► 45:01@O (2) ► 2024 (11) ► O=20@O (7) ► D52@0;O (2) ► <0@B0 (1) ► 0?@5;O (1) Office 2019 Pro Plus 100% + ?@><>:>4 30% A:84:0 Office 2019 Pro Plus 100% + promocode /=45:A 5B@8:0 Search >;8G5AB2> ?@>A<>B@>2 >9 A1>@=8: 45H8D@>2I8:>2 0948 A2>9 45H8D@>2I8:! Flag Counter (Since June 5, 2019) /=45:A ! !0 Wing, ImmaLocker Wing Ransomware Variants: ImmaLocker, Sanalock, Poraton (H8D@>20;LI8:-2K<>30B5;L, RaaS) (?5@2>8AB>G=8: =0 @CAA:><) Translation into Engl... REDCryptoApp REDCryptoApp Ransomware REDCryptoApp Doxware (H8D@>20;LI8:-2K<>30B5;L, ?C1;8:0B>@) (?5@2>8AB>G=8:) Translation into English -B>B :@8?B... !45;09B5 >1@>! TRANSLATION INTO ENGLISH TRANSLATION INTO FRENCH TRANSLATION INTO SPANISH !?0A81>, GB> 70H;8 : =0< A53>4=O! !B0=LB5 >1@K< >;H51=8:><, ?><... Morok Morok Ransomware MorokTeam Ransomware Aliases: M0r0k, Sunset Wolf (H8D@>20;LI8:-2K<>30B5;L, E0:5@A:0O 3@C??0) (?5@2>8AB>G=8: =0 @CAA:><)... (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','https://www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-81232046-1', 'auto', 'blogger'); ga('blogger.send', 'pageview'); gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d6113896202570680354\x26blogName\x3d%D0%A8%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B8-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B8+The+Digest+%22...\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dBLUE\x26layoutType\x3dLAYOUTS\x26searchRoot\x3dhttps://id-ransomware.blogspot.com/search\x26blogLocale\x3dru\x26v\x3d2\x26homepageUrl\x3dhttps://id-ransomware.blogspot.com/\x26targetPostID\x3d1173974747918524553\x26blogPostOrPageUrl\x3dhttps://id-ransomware.blogspot.com/2017/01/lambdalocker.html\x26vt\x3d94194147233883522', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); window.followersIframe = null; function followersIframeOpen(url) { gapi.load("gapi.iframes", function() { if (gapi.iframes && gapi.iframes.getContext) { window.followersIframe = gapi.iframes.getContext().openChild({ url: url, where: document.getElementById("followers-iframe-container"), messageHandlersFilter: gapi.iframes.CROSS_ORIGIN_IFRAMES_FILTER, messageHandlers: { '_ready': function(obj) { window.followersIframe.getIframeEl().height = obj.height; }, 'reset': function() { window.followersIframe.close(); followersIframeOpen("https://www.blogger.com/followers.g?blogID\x3d6113896202570680354\x26colors\x3dCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDQ0NDQiByMyODVkOGMqByNkNGUxZmYyByM2NjY2NjY6ByM0NDQ0NDRCByMyODVkOGNKByM2NjY2NjZSByMyODVkOGNaC3RyYW5zcGFyZW50\x26pageSize\x3d21\x26postID\x3d1173974747918524553\x26origin\x3dhttps://id-ransomware.blogspot.com/"); }, 'open': function(url) { window.followersIframe.close(); followersIframeOpen(url); }, 'blogger-ping': function() { } } }); } }); } followersIframeOpen("https://www.blogger.com/followers.g?blogID\x3d6113896202570680354\x26colors\x3dCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDQ0NDQiByMyODVkOGMqByNkNGUxZmYyByM2NjY2NjY6ByM0NDQ0NDRCByMyODVkOGNKByM2NjY2NjZSByMyODVkOGNaC3RyYW5zcGFyZW50\x26pageSize\x3d21\x26postID\x3d1173974747918524553\x26origin\x3dhttps://id-ransomware.blogspot.com/"); (function(m,e,t,r,i,k,a){m[i]=m[i]||function(){(m[i].a=m[i].a||[]).push(arguments)}; m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)}) (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym"); ym(69634408, "init", { clickmap:true, trackLinks:true, accurateTrackBounce:true });