August saw a new wave of spam emails carrying variants of the Locky ransomware. Reportedly, over 23 million such emails were sent in just 24 hours under common subject lines such as “Please print”, “Documents”, “Scans”, “Photos”, “Pictures” and “Images”. The perpetrators have been demanding a ransom of half a bitcoin, presently equivalent to $2,150, to install special software that is supposed to be the “Locky decryptor”.
What is Locky?
First released in 2016, Locky is email-based ransomware delivered through email attachments in the form of a .zip file, fake links to Dropbox locations and even fake voice mail messages. These files contain malicious ‘macros’, a virus written in a programming language that is embedded inside a software application. The user opens the attachment and finds a block of meaningless text that includes the sentence “Enable macro if data encoding is incorrect,” a social engineering technique. If the user opens these attachments, his/her machine becomes fully encrypted, leaving all information completely inaccessible.
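As an added illustration (not code from the original article), the Python sketch below shows how a mail gateway or analyst could triage messages matching the delivery pattern described above: one of the reported subject lines, and a .zip attachment containing a macro-enabled Office document. The function names, the sample message and the restriction to zip-based (OOXML) Office files, which store VBA macros in a `vbaProject.bin` part, are assumptions made for the example.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject lines the article reports for this campaign.
SUBJECTS = {"please print", "documents", "scans", "photos", "pictures", "images"}
# Assumption: only zip-based (OOXML) Office files are inspected; they keep VBA in vbaProject.bin.
OOXML_EXTS = (".docx", ".docm", ".xlsx", ".xlsm", ".pptx", ".pptm")

def macro_members(zip_bytes):
    """Yield names of OOXML members of a zip archive that carry a VBA project part."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for member in archive.namelist():
            if member.lower().endswith(OOXML_EXTS):
                with zipfile.ZipFile(io.BytesIO(archive.read(member))) as doc:
                    if any(n.lower().endswith("vbaproject.bin") for n in doc.namelist()):
                        yield member

def triage(raw):
    """Reasons a raw RFC 5322 message deserves quarantine review (empty list if none)."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    if (msg["Subject"] or "").strip().lower() in SUBJECTS:
        reasons.append("campaign subject line")
    for part in msg.iter_attachments():
        if (part.get_filename() or "").lower().endswith(".zip"):
            try:
                data = part.get_payload(decode=True) or b""
                reasons += [f"macro document in zip: {m}" for m in macro_members(data)]
            except (zipfile.BadZipFile, RuntimeError):  # corrupt or password-protected
                reasons.append("unreadable zip attachment")
    return reasons

def build_sample(subject, with_macro):
    """Constructed sample message: a zip attachment holding a stub OOXML document."""
    def zipped(files):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as z:
            for name, data in files.items():
                z.writestr(name, data)
        return buf.getvalue()
    names = ["word/document.xml"] + (["word/vbaProject.bin"] if with_macro else [])
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content("See attached.")
    msg.add_attachment(zipped({"scan_001.docm": zipped(dict.fromkeys(names, b"stub"))}),
                       maintype="application", subtype="zip", filename="scan_001.zip")
    return msg.as_bytes()
```

A subject-line match alone is a weak signal, since these words are common in legitimate mail; the combination with a macro-bearing document inside a zip is what makes a message worth holding for review.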
Followed by WannaCry and Petya, Locky is touted to be one of the largest malware attacks in the second half of 2017. The threat of this malware seeping into the corporate networks is still looming over our heads and here’s what we can do to prevent it from crippling us:
- Take regular backups of critical files stored on your computer
- Do not open emails received from unknown senders
- Do not click on email attachments unless you are familiar with the sender or you were expecting that particular attachment
- If you notice suspicious activity on your device, reach out to your IT team immediately
- Use an antivirus program
- Make sure that your system is patched and is running the latest version of the OS
We’re living in an era where ransomware development kits are being sold on underground forums. These kits negate the need to have any coding skills and can be easily built on Android phones by wannabe cyber criminals. In times like these, the best defense against these crippling attacks is you. We request you to remain vigilant and practice caution.