After WannaCry, government issues alert against dangerous Locky Ransomware
What's the story
Government of India has issued an alert against Locky Ransomware, a high-intensity virus that can lock your computers and demand ransom for unlocking them. As per the alert, Locky is already doing rounds through spam mails and is using fake download links to bait users. The alert comes only a month after India was hit by the WannaCry ransomware attack. Here's more about Locky.
Do you know?
What are the WannaCry attacks?
The WannaCry ransomware was used in a massive cyber attack in May 2017. It affected organizations in 99 countries including UK's National Health Services and at least 48,000 Indian systems. The ransomware, which targets vulnerabilities in Windows, demanded $300 in Bitcoins for unlocking infected systems.
Twitter Post
Government alert on Locky ransomware
Alert regarding spam spreading Locky ransomware issued today by @IndianCERT https://t.co/6zBRjRww8k
— Ajay Kumar (@drajaykumar_ias) September 2, 2017
Remain Cybersafe Enjoy Cyberspace
Spam
How is Locky getting around?
According to the alert issued by the Cyber Swachhta Kendra, Locky is getting around through a massive wave of spams. At least 23 million spam mails have been circulated as part of the "campaign". Reportedly, fake Dropbox links are also being used to bait users. These contain common subject lines including "please print" and "images", although these may vary in targeted phishing campaigns.
Detecting infection
Is your system infected?
All files in a system infected by Locky Ransomware appear as encrypted files stringed with random numbers. These come attached with the extensions "[.]diablo6," " [.]lukitus." or ".locky." After Locky locks or encrypts the system, the desktop background displays instructions and an htm file named "Lukitus[dot]htm." These instructions provide details about installing TOR browser and demands a ransom of 0.5 Bitcoins (Rs. 1,50,000).
Information
How to counter Locky Ransomware?
"Users are advised to exercise caution while opening e-mails and organizations are advised to deploy anti-spam solutions and update spam block lists," states the government alert. It further lists backing up data, updating anti-virus and other software and safe web-browsing among other counter measures.