The newest Intrusion Prevention System (IPS) statistics introduced by the Fortinet security research team has revealed that Locky virus family has earned its place among the most active viruses during the first half of 2016. Currently, Locky stands in the second place with 34.36% of all the 68,5 million ransomware attacks recorded. This notorious cyber infection has only been outrun by another ransomware giant — CryptoWall. The extent of its attacks has overstepped the impressive 41 percent barrier. Nevertheless, Locky still managed to take the lead against Cerber — the ransomware that got 24,17% of all infected users panicking about their locked files. The statistics is one thing, but it is even more important to answer the most fundamental question: what exactly has determined Locky’s success?
First of all, Locky developers were among the firsts to begin using large spam campaigns to distribute the ransomware around. From the very beginning, the famous Necurs botnet was (and still is) one of the most active distributors. Earlier in June, its servers went down which sparked hope in the cyber security community that Locky’s activity will be significantly diminished. Nevertheless, the spam campaign was up-and-running in just a few weeks and, apparently, the blackout didn’t affect the spread of the virus as much as it was initially speculated. In fact, the hackers took their time to improve the network during this short break and Locky has returned with even greater attack power. Besides, the virus developers themselves have been actively working on this program and have released a number of its modified follow-ups, including ODIN, Zepto and Shit ransomware. Their efforts seem to have paid off as some of these new versions are now close to bypassing the success of the original. As you can see, Locky family network is complex and well-established. All of the modifications regarding virus distribution, deployment, data encryption and payment system have built up to making Locky the successful malware it is today.
Although nobody could deny that it is extremely dangerous, Locky should not be dreaded. In fact, you should be proactive and make sure your data is safe by making regular backups and keeping them somewhere safe, preferably, on external storage drives or other computers. This way, you will be able to restore your data without any risk of losing it.