Users receiving emails claiming to be company invoices and containing a Word.doc should think long and hard before opening them.

Hackers are carrying out sophisticated social engineering techniques and luring victims into installing a destructive new ransomware deemed Locky that is said to be spreading at a rate of 4,000 new infections per hour.

Locky typically spreads by tricking users into opening a Word attachment sent to them through Microsoft 365 or Outlook, disguising the attached file as a company invoice. Victims are then encouraged to enable Macros, which downloads a malicious executable that encrypts all files on the compromised system as well as the network.

Locky ransomware impacts nearly all file formats and encrypts all files & replaces the filename with a .locky extension. Once the files are encrypted, the ransomware displays a glooming message that instructs victims to download Tor and visit the attacker’s website for further instruction. Locky victims are being asked to pay between .5 and 2 Bitcoins ($208 and $800) to receive the decryption key.

 

This ransomware also has the ability to encrypt your network-based backed files, so it’s a good idea to store important files in a third party storage as a backup plan to evade future ransomware attacks.

What’s interesting about this catastrophic ransomware is that it’s being translated into many different languages, allowing hackers to go beyond English boundaries and cash in on as many victims as possible. Among the highest rate of infected users includes Germany, Netherlands, U.S., Croatia, Saudi Arabia, Mexico, Poland, Argentina, and Serbia.

Protecting against malicious malware can be a daunting task, but securing a company's digital doors should be of top importance for all organizations. Falling for suspicious emails is one of the easiest ways a hacker can infiltrate your IT system so user education, SPAM blockers, anti-virus tools, and other security applications can help prevent employees from falling victim.

With anti-virus tools only covering the bare surface, it’s important to implement a layered security approach to your IT estate. By working with NNT, your organization will be able to adopt a ‘layered and integrated approach’ to security that incorporates the right process, methodology and set of tools in order to guard your IT environment against today’s ever-evolving threat landscape.

With NNT's Change Tracker Gen7, your organization will come equipped with intelligent file integrity monitoring, compliance management, system hardening, threat intelligence & security configuration management all powered by Intelligent Closed-Loop Intelligent Change Control, all working to make your IT estate as secure and compliant as possible. 

NNT Products
USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email [email protected]
UK Office
New Net Technologies LLC
Rivers Lodge
West Common
Harpenden
Hertfordshire
AL5 2JN

Tel: 01582 287310
email [email protected]
Connect
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500 Sans Institute
Copyright 2017, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.