Curious to know how many people or especially companies that you work for have been hit by The Locky Malware. Heard a lot of Small/Medium business especially have been hit and a few have had to cough up to get the encryption key to unlock their data.
Locky Malware/Virus - How Many Have Been Affected in The Recent Wave of Attacks
soyea on 23/03/2016 - 21:23
Comments
What was the cause?
It's apparently riding in word document macros but it's probably only one out of many methods to trick people into installing untrusted stuff.
oh! found it. Here is what it looks like when it attacks
https://www.reddit.com/r/sysadmin/comments/463zur/repost_wat…its main way of spreading is through fake zip and doc files claiming to be an invoice. So whoever wrote the cryptoware is targeting businesses.
Our was a fake e-mail from auspost saying a package couldn't be delivered and to print off the collection form and bring it to the post office allong with standsrd id.
Thanks to both of you for the info!
Heard of a number of identical reports from people who got caught.
Very easy for people not on guard. (Of course if you're eagerly waiting for a delivery of eneloops….)
My big corporate employer turned off clicking links in outlook we were being hit so often.
Must be great money for the off site back up people, restoring things daily.
Your big corporate employer must have a tiny IT budget or really incompetent IT technicians. A single UTM can go a long way ;)
scrimshaw Thanks for posting that. :)
I believe they tried to get me a few days ago as I was sent a random invoice doc file from some boat repair/equipment shop in Perth the business actually existed but I haven't used them or bought a boat or own a boat. Email was sent from some random garbage email address. Made it through 2 spam filters into my inbox in outlook 2010 not even my junk folder too.. :(
I nearly opened it as I thought doc files can't do any harm. I thought exe and zip files where the only ones too avoid. Now I know that isn't exactly true. :)
Reminds me of the 'urgent' request from my bank to verify my online credentials.
Signed not with the usual ABN and legal stuff at the bottom but "Shenzen Shoe factory".
I had a hunch it may not have been totally legit unless the bank changed ownership. :)Maybe just use common sense before opening an email. Would the post office really send you a word document or a zip file?
It isn't common sense to everyone, I regularly recieve e-mails from auspost in particular my post telling me about my packages.
He isn't the most tech savvy person. On top of this they are also scanning social media for personal details to include in these e-mails.
I lost almost all of my data and a lot of money because of this goddamn locky..
updt. Yesterday my friend managed to decrypt all infected files with a help of TrendMicro Decryption tool (https://success.trendmicro.com/solution/1114221) and this guide (http://manual-removal.com/locky-files/)!
Prevention wise try opendns dns servers on your pc and routers. Free and provides some level of security for ransom / botnets
dad's PC was hit about a week ago. Only browses the web and reads e-mails so nothing important lost.