Hackers launch massive Locky ransomware campaign

More than 23 million messages sent.

Researchers are warning that miscreants have sent a massive number of phishing emails that attempt to download the Locky ransomware and encrypt user files.

Security vendor AppRiver said it has seen more than 23 million messages sent in the attack. It claims the campaign is one of the largest ransomware attacks seen so far.

The email messages are nondescript, with subject lines such as "please print", "documents" and "scans", AppRiver said.

Clicking on the ZIP compressed attachment launches a Visual Basic Script file that downloads Locky and executes the ransomware.
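A mail-gateway check for the delivery pattern described above, as an added example that is not from the article or from AppRiver: it flags ZIP attachments that contain script files and notes whether the subject matches one of the reported lines. The function names, the sample message and the script extensions other than `.vbs` are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# .vbs is the type the article describes; the other extensions are an
# assumed widening of the same rule to related Windows script types.
SCRIPT_EXTS = (".vbs", ".vbe", ".js", ".jse", ".wsf")
# Subject lines quoted in the article.
REPORTED_SUBJECTS = {"please print", "documents", "scans"}

def scan_message(raw: bytes) -> dict:
    """Inspect one raw email and report script files inside ZIP attachments."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject = (msg["Subject"] or "").strip().lower()
    findings = {"subject_match": subject in REPORTED_SUBJECTS, "script_members": []}
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        # Decide by content, not by the attachment's declared name or type.
        if not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for name in zf.namelist():
                if name.lower().endswith(SCRIPT_EXTS):
                    findings["script_members"].append((part.get_filename(), name))
    # A script inside an archive is enough to quarantine; the subject is context only.
    findings["quarantine"] = bool(findings["script_members"])
    return findings

def build_sample(subject: str, member: str) -> bytes:
    """Constructed test message: a ZIP attachment with one harmless text member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, "' placeholder text, not a real script\n")
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = subject
    msg.set_content("see attached")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="scan_0001.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample("Scans", "scan_0001.vbs")))
    print(scan_message(build_sample("Quarterly report", "report.txt")))
```

The check does not descend into nested archives, so a gateway rule built on it would need to handle those separately.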

Locky encrypts files on victims' computers, appending the .lukitus suffix to them. Users are instructed to pay a ransom of 0.5 Bitcoin (A$2975) to decrypt the files.

Victims are asked to install the browser for the anonymising The Onion Router (Tor) network, which takes users to a decryption service if they pay the ransom. Whether the attackers will provide a working decryptor after being paid is unclear.

Locky has been active since early 2016 and has been updated this year. It spreads as an attachment to spam emails.

There is currently no way to decrypt the scrambled files created by the Locky Lukitus variant.

Copyright © iTnews.com.au . All rights reserved.