9th August 2017 By Lawrence Abrams
Through a large malspam campaign, Locky is back and currently being heavily distributed worldwide. While Locky was at one point considered the largest distributed ransomware, over time it became much more common to see other ransomware such as Cerber, Spora, and now even GlobeImposter. While it is too soon to tell if this is just another brief surge or an attempt to become a large player again, what we do know is that this particular campaign is strong with a wide distribution.
Locky Diablo6 variant being distributed via Spam Emails
Today, security researcher Racco42 discovered a new Locky malspam campaign that was pushing a new Locky variant that appends the .diablo6 extension. This campaign is being distributed through spam emails that contain subject lines similar to E [date] (random_numer).docx. For example, E 2017-08-09 (698).docx. The message body simply states “Files attached. Thanks”.
Powered by WPeMatico