Locky ransomware returns with new tricks up its sleeve

September 5, 2017


Locky ransomware is back, again, delivered with the help of new tricks to fool users and anti-malware defenses.

Massive spam campaign
Delivered through one of the largest spam campaigns in H2 2017 – as many as 23 million sent messages per day – the newest variant adds the .lukitus extension to the encrypted files.

“Once all the victim’s files have been encrypted the attackers leave decryption instructions by changing the desktop background to an image with instructions as well as a HTM file on the desktop aptly named Lukitus[dot]htm,” AppRiver researchers explained.

Read More on Help Net Security