“Locky” is a seemingly cute name for a not-so-cute new strain of ransomware. Like most ransomware, “Locky” renames your files, scrambles the data within, and then locks them down, demanding that the end user pay a hefty ransom for the decryption key.
Like many forms of ransomware, “Locky” is acquired through suspicious email attachments. When the end user opens the attached “Locky” document, they will find that the information within is just a bunch of random symbols and text strings. The document prompts the end user to enable macros to reformat the document to a readable version.
However, once the macros are enabled, the text remains the same, and code is run inside the document instead, saving a file to disk. The saved file then serves as a downloader for the “Locky” ransomware, fetching it from the cyber criminals who sent it out. Unfortunately for the end user, “Locky” scrambles all files, including videos, images, source code, and office files, and can charge anywhere from 0.5 to 1.00 Bitcoins (approximately $200 – $400 USD) for the decryption key. Bitcoins are particularly important to the criminals because they make it very hard for law enforcement to identify the users and obtain records, allowing the cybercriminals to get away with your money with very little fear of detection.
Unfortunately, “Locky” scrambles everything – including your Bitcoin wallet file – and removes any shadow copies that Windows may have saved on your drives, forcing you to purchase more Bitcoin to pay up. If you happen to have more Bitcoins in your wallet than the cost of your ransom and no backup, you may end up paying much more than originally requested.
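For defenders, the two stages described above (an Office document launching the file its macro saved to disk, then shadow copies being removed) can be flagged in process-creation logs. The following is an added example, not code from the original article: the event fields, folder list and host names are constructed, and it assumes shadow copies are deleted with the built-in vssadmin tool, which the article does not name.

```python
import re

# Office applications whose macros can start other programs.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe"}
# User-writable folders where a macro could save its file (assumed list).
DROP_DIRS = ("\\appdata\\", "\\temp\\", "\\downloads\\")
# Assumption: shadow copies are deleted with the built-in vssadmin tool.
SHADOW_DELETE = re.compile(r"vssadmin(\.exe)?\s+delete\s+shadows", re.I)


def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def classify(parent_image, image, command_line):
    """Return the findings for one process-creation event."""
    findings = []
    dropped = any(d in image.lower() for d in DROP_DIRS)
    if basename(parent_image) in OFFICE_PARENTS and dropped:
        findings.append("office-launched-dropped-file")
    if SHADOW_DELETE.search(command_line):
        findings.append("shadow-copy-deletion")
    return findings


def triage(events):
    """Map host -> set of findings; hosts without findings are omitted."""
    by_host = {}
    for host, parent_image, image, command_line in events:
        for finding in classify(parent_image, image, command_line):
            by_host.setdefault(host, set()).add(finding)
    return by_host


# Constructed sample events: (host, parent image, image, command line).
OFFICE = r"C:\Program Files\Microsoft Office\WINWORD.EXE"
DROPPED = r"C:\Users\alice\AppData\Local\Temp\sample.exe"
VSSADMIN = r"C:\Windows\System32\vssadmin.exe"
SAMPLE_EVENTS = [
    ("WS-01", OFFICE, DROPPED, DROPPED),
    ("WS-01", DROPPED, VSSADMIN, "vssadmin.exe Delete Shadows /All /Quiet"),
    ("WS-02", r"C:\Windows\explorer.exe", OFFICE, "WINWORD.EXE report.docx"),
    ("WS-03", r"C:\Windows\System32\cmd.exe", VSSADMIN, "vssadmin list shadows"),
]

if __name__ == "__main__":
    for host, findings in sorted(triage(SAMPLE_EVENTS).items()):
        print(host, sorted(findings))
```

A host that shows both findings, like WS-01 in the constructed sample, should be isolated from network shares first, since the encryption stage reaches every drive that host can write to.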
It’s important to remember that ransomware isn’t limited to just your C: drive. It attacks any and all directories and mounted drives it can gain access to, including removable drives, network shares, servers, and other users’ devices. If you’re logged in as a domain administrator at the time of the attack, “Locky” could be doing more damage than you even realize.
Intivix stays up-to-date on all cyber security threats that criminals are utilizing to attack your data and extort money from you.
Luckily, Intivix knows that a simple anti-virus isn’t enough to adequately protect your data from cyber criminals, malware, and ransomware such as “Locky.” Their expert consultants install a multi-layer defense system to keep your data secure and protected, as well as offer backup for an accidental data breach. Give them a call and find out what they can do to protect your network security.