Sunday, April 2, 2017
Locky Hackers Could Hijack Your System When You Open MS Word Doc file
Locky Hackers Could Hijack Your System When You Open MS Word Doc file
Doing so could cripple your system and could lead to a catastrophic destruction.
Hackers are believed to be carrying out social engineering hoaxes by adopting eye-catching subjects in the spam emails and compromised websites to lure the victims into installing a deadly ransomware, dubbed "Locky," into their systems.
So if you find .locky extension files on your network shares, Congratulations! You are infected and left with just two solutions: Rebuild your PC from scratch or Pay the ransom.
Locky ransomware is spreading at the rate of 4000 new infections per hour, which means approximately 100,000 new infections per day.
Microsoft MACROS are Back
It is hard to digest the fact that, in this 2016, even a single MS Word document could compromise your system by enabling Macros.This is where the point to appreciate hackers sheer brilliance of tactics.
Locky ransomware is being distributed via Microsoft 365 or Outlook in the form of an Invoice email attachment (Word File that embeds viciousmacro functions).
The concept of macros dates back to 1990s. You must be familiar with this message:
"Warning: This document contains macros."
Now macros are back, as cyber criminals discover a new way to get internet users to open Microsoft Office documents, especially Word files that allow macros to run automatically.
Also Read:
- Facebook Hacking Software - The Windows-based Trojan That Has Accelerated Globally
- Kali Linux Tutorial: DDoS Attack Using GoldenEye Tool In Kali 2.0 (Sana)
- Hack Facebook Account In Same Wi-Fi Network Using Faceniff Android App
How Does Locky Work?
Here comes the bad part:
- Once the victim enables the macro (malicious), he/she would download an executable from a remote server and run it.
- This executable is nothing but the Locky Ransomware that, when started, will begin to encrypt all the files on your computer as well as network.
Once encrypted, the ransomware malware displays a message that instructs infected victims to download TOR and visit the attackers website for further instructions and payments.
Locky ransomware asks victims to pay between 0.5 and 2 Bitcoins ($208 to $800) in order to get the decryption key.
One of the interesting note on Locky is that it is being translated into many languages, which heighten its attack beyond English boundaries to maximize the digital casualties.
Locky Encrypts Even Your Network-Based Backup Files
The new ransomware also has the capability to encrypt your network-based backup files. So its time for you to keep you sensitive and important files in a third party storage as a backup plan in order to evade future-ransomware infections.A researcher named Kevin Beaumont along with Larry Abrahms of BleepingComputer initially discovered the existence of Locky encrypted virus.
To check the impact of Locky, Kevin successfully intercepted the Locky traffic yesterday and realized that the cryptovirus is spreading out rapidly in the wild.
"I estimate by the end of the day well over 100,000 new endpoints will be infected with Locky, making this a genuine major cybersecurity incident — 3 days in, approximately a quarter of Million PCs will be infected," Kevin said in a blog post.
One hour of infection Statistics:
Available link for download
