Locky Ransomware Emails Sent to 23 Million Users
A Locky ransomware campaign has sent dangerous emails to 23 million people this week. The email comes with a ZIP attachment (hiding the malware payload) that contains a Visual Basic Script (VBS) file nested inside a secondary ZIP file.
Once a victim tricked into clicking it, the VBS file starts a downloader that downloads the latest version of the Locky ransomware, called Lukitus (which means “locked” in Finnish), and encrypts all the files on the target computer, and appends [.]lukitus to the encrypted data. It then prompts you to download a browser that brings the victim to a site for ransom payment instructions.
Return To Article
