Locky ransomware spreading via email spam: Here’s how you can protect your PCs

The ransomware once activated locks the data available on a computer or server and demands payment to unlock it usually in the form of Bitcoins crypto currency.

  1. Techook
  2. How To
  3. Locky ransomware spreading via email spam: Here’s how you can protect your PCs

According to Indian Computer Emergency Response Team (ICERT), Locky ransomware is spreading via massive email spam. Reports suggest that more than 23 million spam emails have been circulated so far, ICERT said in a statement. The central government said on Saturday that messages circulated in the campaign consist of common subjects such as please print, documents, photo, Images, scans, and pictures.

The messages include .zip attachments in addition to Visual Basic Scripts (VBS) in a secondary zip file. The script carries a downloader that points to a malicious website containing variants of Locky ransomware. Notably, the Ministry of Electronics and Information Technology Government of India first issued an alert regarding Locky ransomware in February 2016.

locky-ransomware-email-spam

The ransomware once activated locks the data available on a computer or server and demands payment to unlock it usually in the form of Bitcoins crypto currency. Once the system is infected, all files will be encrypted, and desktop background will be changed with instructions containing the installation of TOR browser and visiting .onion sites. These sites will demand ransom in the form of Bitcoins in order to unlock all files.

Also Read: How to secure your Google account and why it is more important than you think

“It is also reported that a spam campaign showing links to fake Dropbox sites is being used to spread Locky variants. If the pages are viewed in Chrome or Firefox, they show a fake notification stating “you don’t have the HoeflerText font.” These fake notifications had an “update” button that returns a malicious JavaScript (.js) file,” said ICERT.

Tips to stay safe against Locky ransomware

1)  First and foremost, make sure that your system is updated. Your system must also have latest security patches installed to protect against such cases.

2) Don’t open attachments in unsolicited emails even if they come from people in your contact list. Never click on malicious URLs contained in such emails.

3) Keep third-party applications such as MS Office, web browsers, and extensions up-to-date with latest security patches. Disable ActiveX content in MS Word, Excel, etc.

4) There are many internet and security firms that offer a wide range of security plans covering a range of issues with regards to ransomware.

5) Keep a backup of all your data, in case your permanently lose access to some of your important files.

6) Enable personal Firewall on workstations.

7) Take a look at these five simple ways to protect your phone from malware, ransomware and viruses.

A few months ago, WannaCry ransomware made headlines spreading over 230,000 computers. The ransomware hit 150 countries including India and demanded ransom in Bitcoins.