‘Locky’ is the latest addition to the ransomware family. It has an interesting name and carries the same nastiness. Read more from the post below.
What is the Locky Ransomware?
Locky is a new file-encrypting ransomware. It does two things:
And as most of us know, the encrypted files can be decrypted only with a key that the cyber crook holds, and only for a price.
Who all are in the red zone?
Locky ransomware is known to target Windows users.
How does it infect a machine?
The ransomware seems to be using different spam email campaigns to spread and infect its target victims.
In one campaign, it’s been noticed that the email seems to be from a popular organization, and asks the user to download an invoice attachment (MS Word doc).
The document contains text that looks incomprehensible or unreadable. And to make the text readable, the user needs to enable ‘macros’.
If the user falls for this trick and enables the ‘macros’, a series of automatic processes is triggered which finally results in installing the Locky Ransomware on the machine.
Once inside the system, the ransomware begins encrypting whatever files it can find.
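A defender-side check for the delivery method described above, as an added example that is not from the original post: it parses a raw email and flags Office attachments that carry a VBA macro project. The function names and the sample message are constructed for illustration, and the legacy .doc check is a byte-pattern heuristic, not a full OLE2 parser.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")    # legacy .doc/.xls container
VBA_MARKER = "_VBA_PROJECT".encode("utf-16-le")   # stream name in a VBA storage

def has_macros(data: bytes) -> bool:
    """True if the bytes look like an Office file carrying a VBA project."""
    if data.startswith(OLE2_MAGIC):
        # Heuristic: OLE2 directory entry names are stored as UTF-16LE.
        return VBA_MARKER in data
    if zipfile.is_zipfile(io.BytesIO(data)):
        # OOXML (.docm and friends): the macro project is a zip member.
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            return any(n.lower().endswith("vbaproject.bin") for n in z.namelist())
    return False

def flag_macro_attachments(raw_email: bytes) -> list:
    """Return the filenames of attachments that contain macros."""
    msg = message_from_bytes(raw_email, policy=policy.default)
    flagged = []
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        if has_macros(payload):
            flagged.append(part.get_filename() or "<unnamed>")
    return flagged

def build_sample_email() -> bytes:
    """Constructed message: two macro-bearing files and one clean one."""
    def ooxml(members):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as z:
            for name in members:
                z.writestr(name, b"constructed placeholder")
        return buf.getvalue()
    samples = {
        "invoice.docm": ooxml(["word/document.xml", "word/vbaProject.bin"]),
        "invoice.doc": OLE2_MAGIC + b"\x00" * 64 + VBA_MARKER,
        "notes.docx": ooxml(["word/document.xml"]),
    }
    msg = EmailMessage()
    msg["Subject"] = "Invoice (constructed sample)"
    msg.set_content("Please open the attached invoice.")
    for filename, data in samples.items():
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg.as_bytes()
```

Calling `flag_macro_attachments(build_sample_email())` returns the two macro-bearing filenames and leaves `notes.docx` unflagged; a mail gateway could quarantine or strip whatever this returns.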
What happens next?
Once Locky is done encrypting the files, it displays a message to the user on the desktop. The message explains what has happened, and says that decrypting the files is only possible by purchasing a private key from the hacker; the cost could be up to ₹ 26,558/- ($400).
What do we suggest?
How does Quick Heal help?
We have released an update to Quick Heal desktop products that prevents Locky Ransomware attacks. Besides this, our multilayered defense mechanism helps prevent all types of malware attacks, including new ransomware infections.
Email Security blocks emails carrying malicious links and attachments.
Web Security blocks websites containing hidden malware and viruses, and websites designed for phishing attacks.
Advanced DNAScan stops new and unknown malware that can cause the most damage.
Anti-Ransomware stops ransomware from encrypting any data. The feature works in multiple ways to prevent a potential ransomware attack.
We are keeping track of the Locky Ransomware and its developments. We will keep you posted in case we come across anything important. Stay safe!