The Godfather of Ransomware Returns: Locky is Back and Sneakier Than Ever
After a mysterious disappearance, Locky has reemerged — and is borrowing attack techniques from Dridex.
http://www.zdnet.com/article/the-godfather-of-ransomware-returns-locky-is-back-and-sneakier-than-ever/
By Danny Palmer | April 24, 2017
Just when you were getting over the shock of the Shadow Brokers malware release, news arrives that Locky has returned to foist ransomware on the unsuspecting.
“The ransomware that drove last year’s boom in file-encrypting malware is back, and this time it’s even harder to detect.
Ransomware cost its victims some $1bn during 2016, with Locky one of the most widespread variants, infecting organisations across the globe.
But after being all but written off, Locky is staging a comeback…
This time, however, the Locky campaign is harnessing an infection technique associated with the Dridex botnet, in an effort to boost the chance of compromising targets…
this new form of Locky begins by using a familiar tactic — a phishing email with an attached file the message claims is a document detailing a payment or scanned documents. But rather than the more common practice of attaching a compromised Office document, an infected PDF is sent instead.”
