Kaspersky Lab warns about the new ransomware Trojan it discovered called Locky, that is spreading pervassively across the world, whereby Kaspersky Security Network has already reported Locky attacks in 114 countries – and to date Kuwait has experienced the 3th highest number of attacks at 976. “Ransomware is posing to be one of the fastest growing classes of malicious software.
Our research shows that crypto-trojans carry out attacks in practically all regions of the world. Among other Trojans Locky caught our attention because it was very active and spread very pervasively and quickly. We also noticed that the attacks weren’t partial to any particular region, where we have received notifications about attacks in over 114 countries across all continents – no other ransomware Trojan to date has targeted so many countries at once”, commented Fedor Sinitsyn, Senior Malware Analyst at Kaspersky Lab.
Analysis of the samples has shown that this Trojan is a new ransomware, written from scratch, though being a typical ransomware Trojan exhibiting no major differences from other ransomware families in its internal arrangement or its principles of operation. Locky, encrypts the user’s file, and then displays a message with the cybercriminals’ ransom demands. The Trojan is spread by mass mailings with malicious loaders attached to the spam messages in the form of DOC file.
When the attachment is opened a macros downloads the Locky Trojan from a remote server and executes it, once the user is prompted to clicks on the link, Locky then reads the data and continues with the infection process. As cybercriminals continue to look for new ways to make their victims pay, users can follow these tips to protect themselves against the ransomware like Trojan Locky:
■ Install and regularly update antivirus software products;
■ Regularly run updates for your antivirus databases, operating system and other software installed on your computer;
■ Do not open attachments in emails from senders you don’t know;
■ Back up your files on a regular basis and store the backup copies on removable storage media or in cloud storages – not on your computer;
■ Create a separate network folder for each user when managing access to shared network folders.
SOURCE : ARABTIMES