subscribe: Daily Newsletter

 

Locky ransomware targets SA users

0 comments

South Africa has experienced the sixth-highest number of Locky ransomware attacks in the world, at 220.
Kaspersky Lab warns that this ransomware is spreading pervasively across the world, whereby Kaspersky Security Network has already reported Locky attacks in 114 countries.
Analysis of the samples has shown that this Trojan is a brand new ransomware threat, written from scratch. However, the analysis has also shown that Locky is a typical ransomware Trojan, where it exhibits no major differences from other ransomware families in its internal arrangement or its principles of operation.
Locky encrypts the users file, and then displays a message with the cybercriminals ransom demands. To spread the Trojan, cybercriminals send out mass mailings with malicious loaders attached to the spam messages. The malicious spam messages contain an attached DOC file with a macro that downloads the Locky Trojan from a remote server and executes it, once the user is prompted to click on the link – Locky then reads the data and continues with the infection process.
According to Fedor Sinitsyn, senior malware analyst at Kaspersky Lab: “Ransomware is posing to be one of the fastest growing classes of malicious software.  Our research shows that crypto-trojans carry out attacks in practically all regions of the world. Among other Trojans, Locky caught our attention because it was so active and spread so pervasively and quickly. We also noticed that the attacks weren’t partial to any particular region, where we have received notifications about attacks in over 114 countries across all continents – no other ransomware Trojan to date has targeted so many countries at once.”
As cybercriminals continue to look for new ways to make their victims pay, users can follow these tips to protect themselves against the ransomware Trojan Locky at all stages of the attacks:
*  Install and regularly update anti-virus software products, as these products continue to be a good first line of defense, where they have blocked Locky attacks in over 100 countries around the world;
* Do not open attachments in emails from senders you don’t know;
* Back up your files on a regular basis and store the backup copies on removable storage media or in cloud storages – not on your computer;
* Regularly run updates for your antivirus databases, operating system and other software installed on your computer; and
* Create a separate network folder for each user when managing access to shared network folders.