Halting the ransomware blackmail wave

Oct. 8, 2017 0 comments ADMIN Magazine Encryption & Authentication encryption firewall security

Since February, there have been continuous waves of Locky infection. Windows users are attacked by drive-by downloads or email attachments. After infection, the malicious program encrypts individual files or even the entire hard disk, and demands an anonymous Bitcoin ransom payment from its victims. Locky, an encryption trojan, has found many victims, including well-known corporations and institutions. The trojan changes almost weekly and is known under the following names: Ransom: Win32/Locky.A: TrojanDownloader: O97M/Bartallex TrojanDownloader: BAT/Locky.A TrojanDownloader: JS/Locky.A Encrypt and Blackmail The name "Locky" already suggests its function. The ransomware encrypts files on the affected computer, on network drives, and even in the cloud, thanks to synchronization. These data can only be restored if you have the decryption key or have made copies of the files on an external, non-affected storage medium. Locky searches specifically for audio files, documents, movies, ima...