AVAST ANTIVIRUS 037-2791997Luni - Vineri 10:00-18:00
Posted in: antivirus, avast.com, Virusi Started by

A closer look at the Locky ransomware

Today, we bring you a deep look into the latest ransomware called Locky. This new file encryptor, targeting PC users, has most likely been created by authors of the well-known Dridex botnet and is spread the same way.

Locky uses all “top class” features, such as a domain generation algorithm, custom encrypted communication, TOR/BitCoin payment, strong RSA-2048+AES-128 file encryption and can encrypt over 160 different file types, including virtual disks, source codes and databases.

We monitored the Locky family this past month and discovered a second variant of the malware, which has new features and program code improvements. Locky’s authors added a new hard-coded seed to the domain generation algorithm, which allows them to deactivate Locky on Russian PCs.

https://blog.avast.com/a-closer-look-at-the-locky-ransomware

Leave a Reply