Cybercrime has become a growing concern throughout the world, and ransomware is leading the pack. Ransomware, for those unfamiliar with it, is a method of cyber-attack in which hackers block access to your personal data and demand money to unblock it.
In the past few months, two major outbreaks, WannaCry and Petya, wreaked havoc, paralysing many users and organizations and pushing them into paying ransom. Now, Locky ransomware is the newest one being spread through spam emails by cyber criminals. Taking note of this, the Indian Computer Emergency Response Team (CERT-In) has issued an alert regarding Locky ransomware on its website. Here’s everything you need to know about the latest ransomware attack spreading in India and throughout the world.
What is Locky Ransomware?
The Locky ransomware attack is similar in nature to WannaCry. Although it has been in existence for more than a year now, the attacks have become prevalent since August 9 this year. A new version of Locky, said to be more lethal in nature, is now being spread via spam emails. According to AppRiver, a cybersecurity firm, the Locky ransomware has been spread through 23 million messages, which makes it one of the biggest malware campaigns in a long time.
How to know if it’s Locky Ransomware?
If you receive an email which comes with a file extension of ‘diablo6’, it is most probably malware belonging to this campaign. Apart from this, new variants also come with an extension of ‘.Lukitus’. This extension is typically used for encrypted files. The word Lukitus in French means ‘locking’, which is basically what it does to your computer. Most such emails have ambiguous subject titles such as ‘pictures’, ‘documents’, ‘images’ or something along the same lines.
As soon as you open the email attachment, your computer will download the malware and lock down your data. Once the ransomware is downloaded to your system, the desktop background is changed to an HTML file named ‘Lukitus(dot)htm’. The hackers instruct the affected user to pay in cryptocurrencies such as bitcoins, for an amount up to 0.5 bitcoins. Then, they are instructed to download the TOR browser through which the locked files can be decrypted.
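The indicators described above can be checked for on disk. The following is an added example, not part of the original article: a small Python triage script that walks a folder and reports files carrying the ‘diablo6’ or ‘Lukitus’ extension and any ransom note. It assumes the note named in the article is the file `Lukitus.htm`; the function names and sample file names are constructed for illustration.

```python
import os
import tempfile
from collections import Counter

# Indicators taken from the article; matching is case-insensitive.
ENCRYPTED_EXTENSIONS = {".diablo6", ".lukitus"}
RANSOM_NOTE_NAMES = {"lukitus.htm"}  # assumed reading of 'Lukitus(dot)htm'


def scan_for_locky(root):
    """Walk `root`; return (encrypted_files, ransom_notes, per_directory_counts)."""
    encrypted, notes = [], []
    per_dir = Counter()
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            lower = name.lower()
            path = os.path.join(dirpath, name)
            if lower in RANSOM_NOTE_NAMES:
                notes.append(path)
            elif os.path.splitext(lower)[1] in ENCRYPTED_EXTENSIONS:
                encrypted.append(path)
                per_dir[dirpath] += 1  # shows which folders were hit hardest
    return sorted(encrypted), sorted(notes), per_dir


def build_sample_tree(root):
    """Constructed sample data: empty files whose names mimic an affected folder."""
    names = [
        "docs/report.docx",
        "docs/A1B2C3D4.lukitus",
        "docs/E5F6A7B8.LUKITUS",
        "docs/Lukitus.htm",
        "photos/holiday.jpg",
        "photos/0099AABB.diablo6",
    ]
    for rel in names:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        encrypted, notes, per_dir = scan_for_locky(tmp)
        print(f"{len(encrypted)} encrypted-looking files, {len(notes)} ransom notes")
        for directory, count in per_dir.most_common():
            print(f"  {count:3d}  {directory}")
```

Pointing `scan_for_locky` at a file share or a user profile gives a quick picture of which folders need to be restored from backup.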
How can you prevent your computer from Locky Ransomware?
Although there are no active tools which can prevent Locky from harming your computer once it is installed, you can still take preventive measures to ensure it doesn’t affect you.
As a method of prevention, you should never download or engage with emails which have files with unknown extensions. If the email is from an unknown source, no matter how lucrative it might seem, refrain from engaging with it in any manner and immediately trash it. Also, keep a solid backup of your important files so that you can recover them without paying ransom. Having a good antivirus program might help as well.