Browsing tag

Locky ransomware

Avira spotted a new strain of the dreaded Locky Ransomware in the wild

Avira detected a new strain of the Locky ransomware that is spreading through malicious attachments disguised as legitimate Libre Office and Office documents. Researchers at Avira Virus Lab detected a new strain of the Locky ransomware that is spreading through malicious attachments disguised as legitimate documents from productivity applications like Microsoft Word and Libre Office. The new Lock […]

Everything you Need to Know About The Evolution of Locky Ransomware

The onset of the Locky ransomware campaign was thought to be evolutionary, but around the clock the campaign has grown to be revolutionary. We have been monitoring and sharing Locky campaign updates since last month. It was observed that almost 23 million messages were sent in the last 24-hour period, making it one of the largest […]

Beware!! Dangerous Locky Ransomware Spreading Via Dropbox Link and Compromise Your PC

The currently trending dangerous ransomware “Locky” has been discovered spreading via a malicious email spam campaign with attached malicious JavaScript (.js) that links to fake Dropbox pages. The Locky ransomware keeps re-emerging day by day with new email distribution campaigns; it has been reported by many security research firms and identified as one of the fastest-spreading malware […]

Experts spotted a malware campaign using HoeflerText Popups to push RAT Malware

Experts spotted a new EITest campaign leveraging HoeflerText popups to target Google Chrome users and push NetSupport Manager RAT or Locky ransomware. Security expert Brad Duncan, with both the SANS Internet Storm Center and Palo Alto Networks’ Unit 42, has spotted a malware campaign leveraging bogus popups that alert users to a missing web font. The crooks are targeting Google […]

Boobytrapped Word File Installs Locky Ransomware When You Close the Document

Summer vacation is over! During the past week, security researchers have discovered several distribution campaigns pushing the Locky ransomware via different methods, including a new variant that features one hell of a clever trick. Spotted by Malwarebytes researcher Marcelo Rivero, this distribution campaign comes from the Locky group that uses the affiliate ID #5. On-close Word […]

Locky Ransomware Attacks Ramp Up

***UPDATE*** In the past 24 hours we have seen over 23 million messages sent in this attack, making it one of the largest malware campaigns that we have seen in the latter half of 2017. Malicious email campaign: As many US workers were arriving at their offices, a massive malicious email campaign began attempting to reach […]

Cerber Ransomware Comes again to Steal Passwords from Browsers and Crypto Wallets

Cerber ransomware has gained popularity and evolved into one of the fast-growing ransomware families; it infiltrates the system and encrypts various file types including .jpg, .doc, .raw, .avi, etc. It adds a .cerber extension to each encrypted file. Following successful infiltration, Cerber demands a ransom payment to decrypt these files. […]

Beware! Hackers Are Spreading Locky Ransomware Using Facebook Messenger

Short Bytes: Notorious hackers are using Facebook Messenger to spread the dangerous Locky ransomware. They are sending malicious .SVG files in Messenger to lure users into downloading further malware. Users need to immediately check their Chrome extensions and look for suspicious entries. They are also advised to change their Facebook passwords. Security researchers have […]

Watch out, Locky ransomware spread via SVG images on Facebook Messenger

Researchers have discovered a new hacking campaign leveraging Facebook Messenger to spread the Locky ransomware via SVG images. The Locky ransomware is spread via a downloader; experts noticed that it is able to bypass Facebook defense measures by pretending to be a harmless image file. The campaign was first spotted during the weekend by the malware […]

Locky Ransomware’s new .SHIT Extension shows that you can’t Polish a Turd

To further show how ransomware is such a pile of crap, a new version of Locky has been released that appends the .shit extension on encrypted files. Like previous variants, this ransomware is installed using a DLL that is executed by Rundll32.exe. Once executed, it will encrypt targeted file types and append the .shit extension to the name of encrypted files. Rundll32.exe […]

Major Exploit Kit Campaign Switches from CryptXXX Ransomware Back to Locky

By mid-July 2016, the Afraidgate campaign stopped distributing CryptXXX ransomware. It is now distributing the “.zepto” variant of Locky. Afraidgate has been using Neutrino exploit kit (EK) to distribute malware after Angler EK disappeared in early June 2016. As we previously reported, this campaign continues to utilize gate domains using name servers from afraid.org. Changing […]

Locky Ransomware now relies on JavaScript instead downloaders

A new wave of Locky malware emails has been making the rounds since yesterday — July 20, 2016 — with a critical new development, whereby the Windows executable is now embedded in JavaScript. Essentially, the attached JavaScript file has evolved from being a downloader component into becoming the actual ransomware. These JavaScript variants were detected […]

Biggest Spam Flood in Years Distributes Locky Ransomware

Spam wave originated from Indian and Vietnamese IPs. Multiple security firms are reporting on a gigantic wave of spam email that delivers malicious JavaScript file attachments, laced with downloaders for the Locky ransomware. Until now, two different companies reported on this event, ESET and Proofpoint, the latter even going as far as calling it one […]

LOCKY VARIANT CHANGES C2 COMMUNICATION, FOUND IN NUCLEAR EK

Security experts warn that companies need to brace for new, harder-to-detect and more determined variants of the Locky ransomware spotted recently in the wild. The news comes just as reported Locky ransomware attacks have waned in recent weeks. Locky is now trying to evade detection by changing the way the ransomware communicates from an infected computer […]

Locky Ransomware – Latest global Cyber Security incident

If you receive an email masquerading as a company’s invoice and containing a Microsoft Word file, think twice before clicking on it. Doing so could cripple your system and could lead to catastrophic destruction. Hackers are believed to be carrying out social engineering hoaxes by adopting eye-catching subjects in the spam emails and compromised […]