Is your data safe? A new ransomware threat: Locky
Locky ransomware
is a program that spreads through a milicious Word document attached to an
email. The email that
distributes Locky Ransomware usually goes in the form of an invoice. This
malicious Word document can immediately execute a malicious encryption process.
What does Locky ransomware really do?
As you can see,
this virus is called "Locky", which itself reveals its function. This
ransomware blocks the user files placed on the persecuted PC without the
possibility to recover them unless you have the decryption key or a backup copy
of the files stored on an external drive. To be more precise, the Locky virus
starts processes that scan your computer and detect audio files, documents,
videos, photos, databases, archives and other files. What's more, you can find
Locky external drives and even network drives connected to your device. Upon the
detection of such files, the virus encrypts them using the AES encryption
algorithm. What's more, the virus deletes the shadow copies (records Volume
Snapshot Service), which can be used to recover encrypted files.
After Locky finishes its dirty work, it leaves a ransom note (_Locky_recover_instructions.txt) in each folder that has some of the encrypted files on it and changes your desktop wallpaper to an image that shows the same ransom note information. It tells you to open an anonymity network TOR and pay a ransom of about 0.5 Bitcoins, which currently is around 1600zł
After Locky finishes its dirty work, it leaves a ransom note (_Locky_recover_instructions.txt) in each folder that has some of the encrypted files on it and changes your desktop wallpaper to an image that shows the same ransom note information. It tells you to open an anonymity network TOR and pay a ransom of about 0.5 Bitcoins, which currently is around 1600zł
How fast does
it spread?
Even though it is a new threat, researchers at Palo Alto Networks
have recorded 446,000 sessions involving this new ransomware, over half of
which (54%) were detected to have affected victims in the United States. So far,
there is no way to recover your data.
Last month for example, a Hollywood hospital paid $17,000 to the ransomware hackers. You can read
more about it at http://www.digitaltrends.com/computing/hollywood-hospital-ransomware-attack
I think if
the FBI is unable to deal with it, there
is no chance for it for a normal user. There were also several cases of
infections in Poland and the only „saved” data was that which was backed up.
It is estimated that the creators of Locky earned millions of dollars.
This ensures that even if the antivirus companies deal with this threat, we can be sure that soon there will be new versions of the malware.
It is estimated that the creators of Locky earned millions of dollars.
This ensures that even if the antivirus companies deal with this threat, we can be sure that soon there will be new versions of the malware.
How can you avoid it?
Firstly, something that seems obvious. Never open or save attachments from
senders you do not know or you are not sure that this is a message from a
trusted source.
Also, create backup copies of the files that are important to you. The exception is when you haven’t got such data so then you have got no problem.
Also, create backup copies of the files that are important to you. The exception is when you haven’t got such data so then you have got no problem.
Questions:
1
Are
you careful with email messages?
2
Do
you have a copy of files which are very important to you?
3
Would
you pay to recover your data from “bad” people?
Sources:
This comment has been removed by the author.
ReplyDelete
ReplyDelete1. I don't open attachments and even emails from unknown sources. Even the best security measures are useless when users are careless.
2. Yes, Maybe I exaggerate but I store my important files (like master thesis :)) on 3-4 separate data storage.
3. I don't trust thieves - definitelly NO.
1. Are you careful with email messages ?
ReplyDeleteOf course, I delete all the suspicious emails without reading
them. I also have an antivirus which scans my emails. I take care not
to give out my email address to strangers, especially when registering a loyalty card.
2. Do you have a copy of files which are very important to you?
Yes, I always have my data backed up. When I was young I kept my
pictures, music and important files on CDs. Now I backup my files
using an external hard drive and a disk on my second laptop.
3. Would you pay to recover your data from “bad” people?
I don't have any confidential information on my laptop and I think I couldn't pay to recover my data - these is nothing special there. If I would be a famous person I think I would consider this option.
Great article, thanks for sharing. When I was reading it reminded me a of video about a guy who challenged hackers to hack him. Here is the link: https://www.youtube.com/watch?v=bjYhmX_OUQQ
ReplyDeleteThe base concept was the same as in your article. Guy has opened an attachment and installed something on his computer (a Mac computer!). After this the hacker had non limited access to his computer and could do everything he wanted to.
Unfortunately, there is no antivirus program that can protect you from being naive and irresponsible.
1. Are you careful with email messages?
ReplyDelete2. Do you have a copy of files which are very important to you?
3. Would you pay to recover your data from “bad” people?
1. I'm trying to be careful, i don't open suspicious e-mail messages and attachments from unknown sender and i deletes all spam. It's also important not to open your accounts (all kind) on untrusted computer or when u use a public wifi.
2. Yes, i have some files copied on my external drive.
3. No, i think it's not a good way to pay for it. You can't trust someone who stolen your files...
1. I don't open suspicious email attachments. However, ransomware spreads not only via e-mails. Some ads on well known pages were sources of the danger as well (https://www.theguardian.com/technology/2016/mar/16/major-sites-new-york-times-bbc-ransomware-malvertising). So we should be careful all the time!
ReplyDelete2. I make full disc backup at least once a month to an external HDD. However, I also have a network attached storage, where I do backup every night and thought it would be safe from such virus but apparently it is not... Moreover, I red that people think that if they do backups to dropbox or google drive then they are safe, which, in most situations, is not true neither...
3. Nobody can guarantee that if I paid, I would get by data back. However it's hard to say what I would do if it really happened. However,
Very interesting topic. This presentation reminded me about the series I recently watched called “Mr Robot”. If you haven’t watched it I don’t want to spoil you something, but I really recommend you to watch this series.
ReplyDelete1. I am always carful with my email. As you wrote at the end of your presentation, I always check an identity of a sender and I never open suspicious e-mails.
2. Yes, I have my external hard drive on which I store my backup files.
3. Definitely no. If my computer has been hacked, it would be only my fault because of not complying with safety rules. If I lost all my data, it would be a lesson to me to be more cautious in the future.
1. Are you careful with email messages?
ReplyDeleteYes I am. I don't open attachments from people that I don't know. Sometimes I sometimes even don't open mails from address that is suspicious for me. Fortunately most of malicious mails are filtered by gmail.
2. Do you have a copy of files which are very important to you?
Yes of course. My most important files are in 3 places, in cloud on my pc and on additional flash drive(for example).
3. Would you pay to recover your data from “bad” people?
Hard question. Probably no because I wouldn't trust someone who stole something from me. But maybe if desperate... Who knows, actually.
1. I think that I'm careful. I do not open attachments from unknown and untrusted sources. I do not believe in the messages, for example: You must provide your password for verification, etc. Unfortunately, I get a lot of emails with strange attachments, with a strange content and from a strange email address, but I removed them immediately.
ReplyDelete2. Yes, of course. Files that are important to me are stored on a computer, on the external hard disk, and sometimes in the cloud. Then I have confidence that even in case of unavailability of one of the source, I can find the file in another.
3. No, I would not. I would prefer to ask for help company which specializes in data recovery.
1 Are you careful with email messages?
ReplyDeleteI am always careful when it comes to emails, especially those work related.
2 Do you have a copy of files which are very important to you?
Yes, I have them on external HDD and on OneDrive as well.
3 Would you pay to recover your data from “bad” people?
Well I dont think so, that kind of blackmail always has risks in it, you dont have guarantee that you will get your files, trusting a thief is not really a good idea in my opinion.
1. I 'm trying to be careful communicating via the Internet , because I realize that I can be spied . I will hide the camera from the notebook, because I heard that hackers can spy on the camera .
ReplyDelete2.I try to make copies of things that are important to me . I put them on a USB stick or external drive .
3.It's hard to say , it depends on the data which hackers to steal , and how much money they wanted .
1. Internet security is very important to me. The number of spyware/ransomware you can find on some websites is frightening. When it comes to e-mails, I delete everything that I find suspicios. Once when I was looking for a flat I got an e-mail from a realtor with link inside to some offers. I deleted it immediately and didn't contact this agen ever again. At work we're often tested by the security department that sends us spam mail (about holidays or complaints), so now I'm always on guard. Altough, it's quite to be so, because they send it almost everyone, so we're cautios right away.
ReplyDelete2. It might sound strange, but I don't have that many files that are very dear to me, thus I don't really care about copies of them. Some time ago I wanted to format my hdd and I didn't even make a backup.
3. I want to say no, but it really depends on circumstances. I don't think I have ever created or had anything that someone would want to steal from me. But im might change in the future. If or when it happens, I guess it will be a hard nut to crack for me.
1 Are you careful with email messages?
ReplyDeleteYes, I am. And I’m trying to convince my family and friends to do so. If they have any doubts they just don’t open specific message.
2 Do you have a copy of files which are very important to you?
I have backup of most important documents.
3 Would you pay to recover your data from “bad” people?
In first place I would rather not make that happen – I mean “bad” people having my files in their hands. If it would happen… I don't know. Maybe I will try asking for help companies that specializes with restoring data – of course if I wouldn’t have current backup of files in the first place.
Hi Arkadiusz, great article!
ReplyDelete1 Are you careful with email messages?
I am always careful when it comes to emails, both - private and related to work.
2. Do you have a copy of files which are very important to you?
I have my external hard drive on which I store all files.
3 Would you pay to recover your data from “bad” people?
If I lost all my data, it would be only my fault and a lesson to be more careful in the future.
1. Are you careful with email messages?
ReplyDeleteYes. I have some good anti-spam filters and I think twice before clicking on link or opening attachment. Also good antivirus software is the basis.
2. Do you have a copy of files which are very important to you?
Yes. Mostly I use disk in cloud and external hard disk. But I hope that I will not have to use them :)
3. Would you pay to recover your data from “bad” people?
No. If I will lose some files then I'll just recover them from backup. Anyway you shouldn't trust to person who stole your goods.
Questions:
ReplyDelete1 Are you careful with email messages?
Yes, I never openned an emails from unknown sources, but I know that users in company in which I'm currently working, were openning emails with malicious viruses many times.
2 Do you have a copy of files which are very important to you?
Yes and no, it depends on content of those important files. I have few rules which I'm trying to follow, first is to try to check if important files can be stored not electronically, and if there's such possibility, I choose it. Second rule is for photos/videos, I'm not saving those ones in a cloud, as you never know where your files are stored when you're using cloud services.
3 Would you pay to recover your data from “bad” people?
No I wouldn't. There is a simple reason, you shouldnt' negotiate with thiefs, as they're not honest, and the chance of receiving back your files is very little.
Yes, I try to be careful, and don't open e-mail with suspects mail and mail from strange sources.
ReplyDeleteYes, I have a copy of my files on my portable disk, this the most important divce at my work (however one of cheaper), I'm working as graphic designer, sometimes as freelancer, and sometimes I use once graphic many times (of course I changing elemnts to fit for diffrents clients), other times clients don't need to create project, beacuse they need only print designed at past files. Other files like photos, videos, films have sentimental value for me. I wouldn't to pay to recover my data from "bad" peopole, I think that better way it will paying to have a good restore files and pay for it people who act in good order.
Yes, I try to be careful, and don't open e-mail with suspects mail and mail from strange sources.
ReplyDeleteYes, I have a copy of my files on my portable disk, this the most important divce at my work (however one of cheaper), I'm working as graphic designer, sometimes as freelancer, and sometimes I use once graphic many times (of course I changing elemnts to fit for diffrents clients), other times clients don't need to create project, beacuse they need only print designed at past files. Other files like photos, videos, films have sentimental value for me. I wouldn't to pay to recover my data from "bad" peopole, I think that better way it will paying to have a good restore files and pay for it people who act in good order.
Hello Ya'll,
ReplyDeleteBelow are the most recommended BTC exchangers (BTC for CASH):
Coinbase: $1 min. trade
CoinMama
Earn free BITCOINS with the best Bitcoin faucet rotator:
IACBit.org Faucet Rotator