Virus Name: .LAZARUS file virus
Categories: Ransomware, Decryption Virus
Detailed Description of .LAZARUS file virus
.LAZARUS file virus is a newly detected ransomware that enters Windows systems through social networking and spam email. When you receive a Twitter or Facebook link from a friend whose computer has been infected, .LAZARUS file virus may sneak into your system silently. It may also be activated when you open an image or document file downloaded from a spam email attachment. Once the ransomware is loaded, you will be left in despair because all your personal files will be encrypted by the hacker.
Have you seen a “What happened to your files” alert on your PC? If so, your PC is infected with .LAZARUS file virus. When you see it, the first step should be to remove it, because it is tricky and malicious. You do not have to install it deliberately; it arrives through ordinary activity such as spam emails, porn websites, or fake links. Most of the time, freeware bundles also play an important role. Because it comes in through such normal behavior, few users successfully prevent it from arriving.
All kinds of files on the system, such as .avi, .mkv, .pdf, .xml, .doc, .png, .jpeg, .jpg, .ay, .md, .mdb and .dxg, will be encrypted by .LAZARUS file virus. After that, the virus shows you file recovery instructions on a wallpaper, in a TXT file, or on a popup webpage, demanding that you send money in the form of bitcoin to the attackers' account. The ransom fee is usually over $300 and must be paid within 48 hours. .LAZARUS file virus warns that if you do not pay within that period, or if you attempt to recover the files by other methods, you will never have a chance to get them back.

Such ransom messages are frightening to every victim. Although most people do not want to pay and do not trust the hacker, our researchers found that many of them pay the ransom because their personal files are so important. But was it the right decision? Not really: many victims paid for nothing, and their files could not be restored. You may get scammed by the hacker, and you may give them a chance to steal your banking account, so we suggest that victims do not buy the suspicious decryption key from the hacker. It may be a big trap.