Jump to content
View in the app

A better way to browse. Learn more.
KH13 · for Kingdom Hearts

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

BEWARE: Locky Ransomware spreading fast

Posted

There's a new ransomware making the rounds called Locky. Like Cryptolocker and other ransoms, this virus encrypts your files (RSA 2048 bit) and forces you to pay a fee (usually 0.5 BTC) to unlock them with a custom decryption program. This virus differs from other ransoms in that it uses spam emails (Invoice emails) to trick the user into opening a word document; that word document will contain scrambled text prompting the user to enable macros; once macros are enabled, the virus downloads the payload from the command and control server and then encrypts your files within a matter of hours. Currently, there is no way to decrypt the files aside from paying the ransom WHICH YOU SHOULDN'T DO!

 

How to protect yourself:

 

- Make sure your antivirus definitions are up to date 

- Don't enable macros on word

- Don't open the spam emails containing the infected word documents 

- BACKUP YOUR SYSTEMS. I cannot stress this enough. Locky removes shadow copies so trying to get the files back with a program like shadowexplorer is not guaranteed

 

 

Malewarebytes article source: https://blog.malwarebytes.org/threat-analysis/2016/03/look-into-locky/

  • Quote

    • Featured Replies

    Thanks for this info: I literally got an email like you're describing today. 

  • Quote

    Interesting. I just got an Xbox Live invoice that contains a Word document called "noname.txt."

    Good thing I didn't open it, regardless of whether or not it actually contains the Locky malware.

     

    EDIT: lol, can't even believe I said that. .txt isn't even a Word document.

     

    go to sleep, rocketboy, it's 2 am

    Edited by Rocketboy227

  • Quote

    Happened to me once many years ago. I freaked out for a hot second because Comcast (the real Comcast) had just emailed me saying they suspected my computer of being part of a bot net, which given that this thing activated later one, it probably was.

     

    There's a few solutions, backups being one of them. You can also download a cleaner program, save it on a USB, then sideload it from the command menu if your computer does end up being locked, which is what I did last time.

  • Quote

    • Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.

    Guest
    Reply to this topic...
    https://www.kh13.com/forums/topic/95820-beware-locky-ransomware-spreading-fast/
    Go to topic listing

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.
    Scroll to the top