The ransomware attacks are not going to die anytime soon. After facing Petya and WannaCry, we just got a news about a new email-based Locky ransomware. This ransomware was once considered almost dead but it is back with the largest malware attack in 2017.
As per a report by ZDNet, over 23 million emails containing Locky were sent in just 24 hours on August 28. It was discovered by researchers at AppRiver who calls it “one of the largest malware campaigns seen in the latter half of 2017”.
The Indian Computer Emergency Response Team (CERT-In) has also issued an alert on its website about the new Locky ransomware. Even if there is no case of this malware in India, we must take extra precautions.
Ransomware is a computer malware that encrypts important data and then demands payment for giving decryption key. Locky also work the same. Attackers are sending emails to people with an attachment containing Locky ransomware. As per reports, over 23 million emails were sent on August 28. Different emails contain different things. Email subject could be like ‘Please Print’, ‘Documents’, ‘Photos’, ‘Images’ or more.
See the attached screenshot here.
The email attachment contains a ZIP file with Visual Basic Script (VBS). If you click on this attachment, it pulls latest locky ransomware and executes in the system. All files of the system will be encrypted and it appends appending [.]lukitus to encrypted files.
It also instructs victims to install TOR browser and provides a .onion(aka Darkweb) site to process payment of .5 Bitcoins to get the decryption key.
The email campaign is still active and it can also reach you. So, keep yourself safe.
To keep yourself safe from ransomware, you need to avoid emails from unknown senders. Also, keep your system up to date with latest software and hardware updates. Always have a backup of your important files.
