Tuesday, March 22, 2016
An enormous cybercriminal campaign is targeting small and big business alike. These cybercriminals are using a new technique in an effort to infect systems with the file encrypting software. The most common form of ransom payment is via Bitcoin, which are a challenge to obtain. Earlier this year a Los Angeles hospital paid a $17,000 Bitcoin ransom after a Locky infection took down its network.
At that time it was a JavaScrift based downloader which was predominantly used to infect victims in malicious emails but now hackers are starting to use a different sort of infected file to deliver the ransomware payload; DOCM files, the macro-enabled file used in Microsoft Word. Malicious attachments are sometimes accompanied by a message stating that someone else had asked finance files to be forwarded on. This particular campaign targeted organisations across the globe but it was the United States, Japan and South Korea which hackers focused on the most.
Both the number of Locky ransomware downloaders is increasing and that the hackers are constantly changing their tools and techniques, so web users must remain vigiiant to avoid becoming yet another Locky victim. Cybersecurity researchers and the authorities have both warned about the increasing threat of ransomware to corporate and public sector networks.
We at Computer repair Michigan will do our best to help you decrypt your files in the unfortunate event of a becoming a victim of the Locky or similar ransomware. However, the best defense is a good offense! Having multiple/redundant backup solutions in place (both on-premises, as well as off-site) is critical.
by: Daniel Lin