Locky, A New Variant Of Ransomware

Tuesday, 26 July 2016

A new Cryptolocker-type ransomware virus is spreading at an alarming rate. Locky encrypts users’ files and asks for bitcoin payments to decrypt them.

‘Locky’ discovery.
Security researchers at PhishMe, a leading provider of threat management solutions, found the Locky ransomware when they identified several large sets of e-mails delivering Word documents that contained macro scripts.

How it spreads.
Targets receive a phishing e-mail that looks like a message from a vendor containing an invoice (sample above). Recipients are led to believe that the document is a harmless invoice requiring some sort of payment. However, when they open the Word document, it requests permission to run a macro. Many victims allow it, and the macro installs Locky. This vicious malware encrypts the files on the computer and adds a .locky file extension; the files cannot be unlocked without a bitcoin payment.
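
One way a mail gateway or help desk could screen attachments for the macro-bearing Word documents described above. This is an added example, not code from the original article or from PhishMe; the function names, file names and sample bytes are constructed for illustration.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")      # legacy .doc container
ZIP_MAGIC = b"PK\x03\x04"                          # OOXML (.docx/.docm) container
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")    # stream name inside a VBA project

def classify_attachment(data: bytes) -> str:
    """Return 'macro', 'no-macro' or 'not-office' for raw attachment bytes."""
    if data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = [n.lower() for n in zf.namelist()]
        except zipfile.BadZipFile:
            return "not-office"
        if "[content_types].xml" not in names:
            return "not-office"                    # a zip, but not an Office file
        # OOXML keeps the VBA project in a part named vbaProject.bin
        has_vba = any(n.endswith("vbaproject.bin") for n in names)
        return "macro" if has_vba else "no-macro"
    if data.startswith(OLE_MAGIC):
        # Heuristic: OLE directory entry names are stored as UTF-16LE text
        return "macro" if VBA_STREAM in data else "no-macro"
    return "not-office"

def make_ooxml(with_macro: bool) -> bytes:
    """Constructed sample: a minimal OOXML-shaped zip, not a real document."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"\x00")
    return buf.getvalue()

# Constructed attachments (file names are made up for the example)
SAMPLES = {
    "invoice_macro.docm": make_ooxml(True),
    "invoice_clean.docx": make_ooxml(False),
    "invoice_legacy.doc": OLE_MAGIC + b"\x00" * 504 + VBA_STREAM,
    "notes.txt": b"plain text, not an Office file",
}

def quarantine_list(attachments: dict) -> list:
    """Names of attachments that should be held for review."""
    return sorted(n for n, d in attachments.items() if classify_attachment(d) == "macro")

if __name__ == "__main__":
    print(quarantine_list(SAMPLES))
```

The legacy .doc check is a byte-pattern heuristic; a production filter would parse the OLE container properly and also cover other document formats that can carry macros.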

How you can fight Locky.
The best defense is a good backup of all your important files, with backup copies stored in an offline or off-site environment that an infection cannot reach. That way, if you do have to face any type of ransomware, you can restore your data quickly on another computer and get back to work.

Awareness is half the battle.
Tell your family, friends and co-workers about this new threat, and avoid suspicious e-mails completely.