India

After WannaCry, government issues alert against dangerous Locky Ransomware

03 Sep 2017 | By Anupama Vijayakumar
Protect your systems from Locky Ransomware: Government alert

Government of India has issued an alert against Locky Ransomware, a high-intensity virus that can lock your computers and demand ransom for unlocking them.

As per the alert, Locky is already doing rounds through spam mails and is using fake download links to bait users.

The alert comes only a month after India was hit by the WannaCry ransomware attack.

Here's more about Locky.

In context: Protect your systems from Locky Ransomware: Government alert

03 Sep 2017After WannaCry, government issues alert against dangerous Locky Ransomware

What are the WannaCry attacks?

The WannaCry ransomware was used in a massive cyber attack in May 2017. It affected organizations in 99 countries including UK's National Health Services and at least 48,000 Indian systems. The ransomware, which targets vulnerabilities in Windows, demanded $300 in Bitcoins for unlocking infected systems.
Love India news?
Stay updated with the latest happenings.

Government alert on Locky ransomware

How is Locky getting around?

SpamHow is Locky getting around?

According to the alert issued by the Cyber Swachhta Kendra, Locky is getting around through a massive wave of spams.

At least 23 million spam mails have been circulated as part of the "campaign". Reportedly, fake Dropbox links are also being used to bait users.

These contain common subject lines including "please print" and "images", although these may vary in targeted phishing campaigns.

Detecting infectionIs your system infected?

All files in a system infected by Locky Ransomware appear as encrypted files stringed with random numbers. These come attached with the extensions "[.]diablo6," " [.]lukitus." or ".locky."

After Locky locks or encrypts the system, the desktop background displays instructions and an htm file named "Lukitus[dot]htm."

These instructions provide details about installing TOR browser and demands a ransom of 0.5 Bitcoins (Rs. 1,50,000).

How to counter Locky Ransomware?

"Users are advised to exercise caution while opening e-mails and organizations are advised to deploy anti-spam solutions and update spam block lists," states the government alert. It further lists backing up data, updating anti-virus and other software and safe web-browsing among other counter measures.