Locky’s latest ransomware campaign has reportedly attacked one of the largest personnel data centers – the U.S. Office of Personnel Management. Experts fear that this hack may have resulted in the major data theft of approximately 22 million people.
How The Hackers Did It
What is interesting is the irony of the matter. The ones who were responsible for the attacks have been reported to use a very ironical phishing e-mails that aimed to motivate victims through fear that their information is of grave danger, more importantly their bank accounts. The e-mails stated that there is a suspicious activity in their accounts and they included attachments that were pretending to be containing files that have information on their financial movements.
But clicking the files in the archives only makes the situation worse, because it causes a malicious JavaScript to download in an obfuscated manner, the latest Locky virus which is not compromising and encrypts all of the important files, sending the decryption keys to the cyber-criminals. This makes them, the only ones in power who can unlock the files.
The Crooks Want BitCoins
One thing has not changed in ransomware practices all over the world, including Locky – BitCoin. The criminals want a hefty payment of it and they have provided instructions to a website, advertising Locky Decryptor.
Locky and several other ransomware variants have successfully contributed to ransomware becoming one of the biggest malware threats (top 3) for the year 2016.
And not only this, but there are also fears that besides having encrypted the files in not only the U.S. Office of Personnel Management but other organizations as well, the Locky ransomware may also have stolen important data. So besides paying a high ransom amount, like the L.A. hospital which had to pay Locky’s hackers approximately $17000, crucial files may have been stolen from it’s servers.
But when it comes to ransomware we have to know that it uses traditional techniques of distribution that most malware uses. This means that it cannot only be encountered in large scale businesses or individual home computers. The ransomware also infects medium and small businesses and with no less ransom payoff requested by the cyber-criminals.
What about The Future
Since many feel concerned what will happen to ransomware viruses like Locky in the future, be advised that they will most likely evolve in terms of their methods of infection, their post-infection activity and also the types of devices that they attack.
Given that the IoT (Internet of Things) is now a trend and the world is seeing such revolution, many security officials feel concerned that many IoT devices were already compromised and this is very likely to happen again.
This is why it is very important to know how to store your data in a format that cannot be damaged or encrypted by malware and always perform more than one online backup. Also, having a good anti-malware software is also an important part of the process, because if such infections can be stopped on their tracks then backup won’t even be necessary.
