New Locky campaign underway
Ransomware continues to be among most insidious threats facing computer users this year. Researchers have recently observed a spike in Locky Ransomware phishing. The most recent campaign uses emails with the subject Re:
The Locky ransomware encrypts files renaming the to [unique_id][identifier].locky. The malware will also delete all of the copies of documents in the Shadow Volume, making impossible to restore files.
The only real defenses against these types of attacks is user education and a solid backup plan.