Security experts have warned that ‘Locky’ is quickly evolving into an effective piece of ransomware Security experts are warning that a sudden surge in ransomware is hitting unwitting internet users disguised as junk mail that, if opened, will lock down computer systems and charge hundreds of pounds for the release of personal files.
The spike in attacks has been blamed on the rapid ascension of a new malware strain dubbed ‘Locky’ that only appeared on the scene two weeks ago but has already gained notoriety for its effectiveness. Like many other ransom-based malware, Locky currently charges infected users bitcoin in exchange for access to encrypted files.
Why advertise with us
The initial strain of Locky, first exposed by Palo Alto Networks on 16 February, was discovered in macros for Microsoft Word. However, experts are now warning that its developers have switched to using Javascript-based attachments. Locky is distributed through spam messages and is thought to be using the same botnet as the infamous banking malware Dridex.
"We are currently seeing extraordinary (sic) huge volumes of JavaScript attachments being spammed out, which, if clicked on by users, lead to the download of a ransomware," revealed Rodel Mendrez, security researcher with Trustwave. "Our spam research database saw around four million malware spams in the last seven days, and the malware category as a whole accounted for 18% of total spam arriving at our spam traps."
Over the past 30 days, Trustwave experts said they recorded concentrated bursts of ransomware activity and at one point a peak of 200,000 emails hit their servers in a single hour. Playing in the big league
Infected victims will be told they need to pay bitcoins to get their files back Yet Trustwave is not the only major security firm to be noticing this surge in ransomware activity with […]
