Locky Ransomware Returns with Spam Campaign Pushing Diablo6 Variant

9th August 2017  By Lawrence Abrams


Through a large malspam campaign, Locky is back and currently being heavily distributed worldwide. While Locky was at one point considered the largest distributed ransomware, over time it became much more common to see other ransomware such as Cerber, Spora, and now even GlobeImposter. While it is too soon to tell if this is just another brief surge or an attempt to become a large player again, what we do know is that this particular campaign is strong with a wide distribution.

Locky Diablo6 variant being distributed via Spam Emails


Today, security researcher Racco42 discovered a new Locky malspam campaign that was pushing a new Locky variant that appends the .diablo6 extension. This campaign is being distributed through spam emails that contain subject lines similar to E [date] (random_numer).docx. For example, E 2017-08-09 (698).docx.  The message body simply states “Files attached. Thanks”.


Locky Diablo6 Variant SPAM Email
Locky Diablo6 Variant SPAM Email


Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico