This year saw a sudden influx of ransomware starting with WannaCry in May, following which Mamba, Petya and Locky also made surprise visits. New variants of Locky ransomware had started targeting users a week back, and appear to have arrived in India as well. The Indian Computer Emergency Response Team (CERT-In) has now issued an alert for Locky ransomware warning users in India to stay cautious of it. Also Read - FIR filed against Twitter India again, now over child pornography contentAlso Read - Mi Notebook Pro X to be Xiaomi's most expensive laptop yet, launch tomorrow
CERT-In advises all users to take caution while opening emails and to avoid those with suspicious file attachments. Organizations are also asked to use anti-spam solutions on their systems and update their spam block lists. In addition to this, the basic practices of installing certified anti-virus software on your system and updating it regularly is also advised. CERT-In has listed a set of measures to take in the wake of Locky ransomware.
Locky ransomware was released in 2016, and follows the same path of taking hold of your system, encrypting your files and demanding ransom to unlock it. Locky ransomware spreads through zip attachments sent via emails. These attachments contain Visual Basic Scripts (VBS) embedded in the zip file inside which, a downloader leading to the domain greatesthits[dot]mygoldmusic[dot]com . If you open the attachments and visit this website, variants of Locky ransomware will be downloaded to your system. ALSO READ: Government issues alert on new ransomware Locky
Once Locky ransomware enters your system, all files will be encrypted and the names will be changed with extensions .lukitus or .diablo6 . Earlier the encrypted files on the system would be shown with the extension .locky . Post encryption, the desktop background on your system will be changed to one showing an htm file titled Lukitus.htm which contains instructions on how to pay the ransom amount. ALSO READ: New variants of Locky ransomware observed: eScan