New Locky campaign underway
Ransomware continues to be among most insidious threats facing computer users this year. Researchers have recently observed a spike in Locky Ransomware phishing. The most recent campaign uses emails with the subject Re:
The Locky ransomware encrypts files renaming the to [unique_id][identifier].locky. The malware will also delete all of the copies of documents in the Shadow Volume, making impossible to restore files.
The only real defenses against these types of attacks is user education and a solid backup plan.
New ransomware BadBlock released
A new ransomware called BadBlock has been released. BadBlock encrypts your data and then requests 2 bitcoins to get your encryption. When it encrypts your files it does not append a special extension to the files.
The most common way of distributing the BadBlock Ransomware is through corrupted email messages that contain corrupted embedded links or file attachments. When computer users open the content included in the email message, the BadBlock Ransomware runs on the victim’s computer encrypting files.