Saturday 26 March 2016

Hackers Spreading Locky Ransomware Virus Through Social Engineering Hoaxes


Locky is considered the most tactical ransomware ever created, and the reason is its method of spreading. The infection rate is high: 4000 systems per hour, which means 1,00,000 infections by the end of a single day.

Interestingly, the message demanding the ransom is shown in all languages, depending on the region of infection.

How is it spreading?

Hackers are believed to be carrying out social engineering hoaxes, using eye-catching subjects in spam emails and compromised websites to lure victims into installing Locky.

It is being spread through email with an attachment claiming to be “ATTN: Invoice J-68522931”. Opening the Word document displays a message asking the user to enable macros, because macros are disabled by default and the invoice cannot be viewed without them.

But when the user enables macros, the malicious macros embedded in the Word file are activated, take over the system and encrypt everything on it. Finally, every file is given the .locky extension.

Impact on the System

After macros are enabled, it infects the whole system within a fraction of a second. Once the files are encrypted, the ransomware displays a message that instructs victims to download TOR and visit the attacker's website for further instructions and payment.

It is no different from other ransomware models: it demands a ransom of about 2 BTC to retrieve the files within a stipulated period.

How to Protect?

As this ransomware falls in the highly critical category, new tools are available, such as an automatic cleaner that removes the .locky extensions.

But it is recommended to prevent the system from getting infected by such disastrous attacks in the first place. Steps such as isolating backed-up files and updating antivirus/antimalware programs could be useful in keeping the system away from such attacks and could fix the hole that ransomware uses.

About The Author:
Rakesh Krishnan is a Trainee Security and Technology Writer. He is a Security Evangelist, passionate about Information Security and Penetration Testing. His special fields of interest include Espionage, Bitcoin Dark Web and much more.

