Recently, the word “Locky” might have been uttered more times than “hello” to a stranger. It is not surprising since the creators of this frightening ransomware are about to introduce Black Friday and Cyber Monday campaigns to multiply the scale of damage. A few days ago, Locky dashed through Facebook by spreading with the help of the malicious .svg file under the disguise of an image. We have also seen this virus using fake Adobe Flash Updates and misleading, shopping-related emails, fake warnings from official institutions and hacking techniques. While in the beginning of its distribution the virus mainly attacked companies, today every user risks to be targeted by this cyber menace called Locky.
The virus has exceptionally changed in recent months — its owners “surprised” us with ODIN, Thor virus, Aesir and the latest one called ZZZZZ ransomware. The malware has also changed its distribution methods and switched to the most popular social network called Facebook. Beware that, regarding upcoming Black Friday and Cyber Monday events, Locky is expected to exploit the names of well-known shopping companies, such as Amazon, Wallmart or Ebay. According to the reports, it has already disguised itself as the email sent from email@example.com. The binary with the malware is placed in ORDER_[random numbers].zip folder. Consequently, it contains .js file which is linked to a couple of websites. Within seconds, the true .dll file with Ransom:Win32/Locky.A trojan is downloaded.
We should also warn you that you can be contacted by Locky developers directly. The database of potential victims is collected thru various hacks and similar cyber attacks. The Office of Personnel Management and other governmental authorities are the main targets because they are responsible for contacts of millions of users. Unfortunately, as the previous cases reveal, such data is used to contact the targeted users directly and deliver the ominous attachment with Locky virus. Certainly, the news is not reassuring for any user as he or she may worry about the approaching Locky virus. However, besides updating the security programs, users should keep in mind several prevention tips: whether it is a message sent from Amazon, the FBI, or the OPM, make sure you look for grammar and typo mistakes. Such obvious errors might suggest you the presence of a highly destructive virtual threat.