Tag Archives: Ransomware

A closer look at the Locky ransomware


Today, we bring you a deep look into the latest ransomware called Locky. This new file encryptor, targeting PC users, has most likely been created by authors of the well-known Dridex botnet and is spread the same way.

Locky uses all the “top class” features, such as a domain generation algorithm, custom encrypted communication, TOR/BitCoin payment and strong RSA-2048+AES-128 file encryption, and it can encrypt over 160 different file types, including virtual disks, source code and databases.

We monitored the Locky family this past month and discovered a second variant of the malware, which has new features and program code improvements. Locky’s authors added a new hard-coded seed to the domain generation algorithm, which allows them to deactivate Locky on Russian PCs.

Infection vector

Locky is spreading via spam email campaigns that are similar to those used by the Dridex botnet. They use similar file names, obfuscation, email content and structure of download URLs.

We have observed three different campaign versions of Locky and have described them below.

Below is an example of one of the spam emails. The emails are designed to make people believe they were sent from large companies such as Nordstrom, Symantec and Crown Holdings.

Hospitals and healthcare providers under cyberattack

The recent ransomware attack on the Hollywood Presbyterian Medical Center in Los Angeles has spooked the healthcare community. Hackers installed ransomware in the hospital computer system and held patient records hostage while demanding payment. The hospital eventually paid $17,000 to have their files unlocked. Attacks on major insurance and healthcare systems last year including Excellus […]

2016: The Year of Spying Microwaves and Hijacked Cars

The security stakes only seem to be rising when it comes to the threats that affect us as modern-day consumers. Over the past year, we have seen a list of notable mobile threats that put people’s privacy at risk. Previously unseen vulnerabilities surfaced, such as Certifi-gate and Stagefright, both of which can be exploited […]

How my TV got infected with ransomware and what you can learn from it

A look at some of the possible ways your new smart TV could be the subject of cyberattacks.

Proof-of-concept threat is reminder OS X is not immune to crypto ransomware

Symantec analysis confirms that in the wrong hands, Mabouia ransomware could be used to attack Macs.

Android ransomware uses Material Design to scare users into paying ransom

Android.Lockdroid.E uses Google's design language and an open-source project to try to trick users into paying a ransom.

Android ransomware uses Material Design to scare users into paying ransom

Android.Lockdroid.E uses Google’s design principles and a popular open-source project to trick users into paying its ransom.


Android 6.0 Marshmallow will not go soft on mobile ransomware

The latest updates in the soon-to-be-released Android 6.0, "Marshmallow", will make it difficult for mobile ransomware to implement screen-locking functionality.

Android Marshmallow will not go soft on mobile ransomware

Recent updates in the upcoming Android 6.0, a.k.a. Marshmallow, will challenge mobile ransomware’s ability to lock screens.
