18th September 2017 By Lawrence Abrams
Today a new Locky Ransomware variant was discovered by Stormshield malware analyst coldshell that switches to the .ykcol extension for encrypted files. It is important to note that if you are infected with this ransomware, you are not infected with the Ykcol Ransomware, as some sites may call it. You are instead infected by Locky, which is using the .ykcol extension.
This variant is currently being distributed via spam emails that have a subject line of Status of invoice, which contain a 7zip, or 7z, attachment. This attachment contains a VBS file, which when executed will download the Locky executable from a remote site and execute it.
Full Article.
Userlevel 7
Once again opening attachments without really scanning for virus's gets you in trouble. Common Sense should prevail.
Userlevel 7
It is a bit like Odo with his bucket https://en.wikipedia.org/wiki/Odo_(Star_Trek)@ wrote:
That nasty little bugger seems to have an infinite amount of forms it can take!!
Userlevel 7
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.