Lyposit, often depicted on a computer as “Win32/Lyposit.A” or “Trojan-Ransom.Win32.Lyposit,” is a crime toolkit and Trojan virus that was first accessible in 2012, around the same time criminals began using the crim toolkit Citadel. Lyposit produces malware that pretends to come from a local law enforcement agency based on the victim’s computer's regional settings. Once the computer’s regional settings are determined, Lyposit preys on its victims’ fears, coercing them to use payment services based on their locations.  Criminals pushing Lyposit malware receive a share of the profit made from victims paying the ransoms.


Lyposit may unwittingly wind up on a victim’s computer if the victim accesses an unsecure website or a website that has been hacked. The moment this happens, the ransomware installs itself without the victim knowing, and it bypasses a computer’s system security. Once it is present within the victim’s computer, it then wastes no time in doing its intended harm.

Lyposit must be removed from a victim’s computer as quickly as possible. If left on the victim’s computer for too long, this ransomware will copy its own files onto the victim’s computer and drastically slow the computer’s performance speed. Lyposit is also capable of compromising a computer’s files and accessing all of a victim’s personal information. Such very private information may include anything that a victim can type into various secured websites, from account passwords to credit card information.


Is Your Network Vulnerable To Ransomware Attacks?

Find out now with KnowBe4's Ransomware Simulator "RanSim", get your results in minutes.
Get RanSim!

« Back To Ransomware Knowledgebase


Get the latest about social engineering

Subscribe to CyberheistNews