Call: 1300 422 542

A new strain of Locky ransomware in the wild

Avira Virus Lab researchers detected a new variant of the well-known Locky ransomware in the wild. This has been seen attached to what look like legitimate documents from standard applications such as Microsoft Word and Libre Office.

Once you open the document a set of actions will end in all valuable files being encrypted.

For those more technical:

  1. The click on the file will trigger a number of PowerShell commands, which you can see as they are in plain text.
  2. It downloads a Windows application which includes several stages in order to confuse and obfuscate itself, tricking people into thinking it’s a clean file.

This second file is the responsible for encrypting your files on your computer.

As you can see, the bad guys don’t stop creating new stuff to keep us busy.

Remember to keep a good security hygiene when browsing the internet and opening attachments.

Be safe out there. Until next Malware Monday.

Share This Post
Subscribe To Our Newsletter
Name*
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

More To Explore

In The Media

2 Great Companies Come Together

A sign of further consolidation in the Australian ICT channel as Brisbane’s Azentro buys Adelaide’s Calibre One. The enlarged group, with combined sales of $A35m

Read More »

Find out what our team can do for your business.

Let us know how we can help

Contact Us
Name*
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.