Locky Ransomware Switches to the Ykcol Extension for Encrypted Files

  • 19 September 2017

18th September 2017  By Lawrence Abrams
 
Today a new Locky Ransomware variant was discovered by Stormshield malware analyst coldshell that switches to the .ykcol extension for encrypted files. It is important to note that if you are infected with this ransomware, you are not infected with the Ykcol Ransomware, as some sites may call it. You are instead infected by Locky, which is using the .ykcol extension. 
 
This variant is currently being distributed via spam emails that have a subject line of Status of invoice, which contain a 7zip, or 7z, attachment. This attachment contains a VBS file, which when executed will download the Locky executable from a remote site and execute it.
 
Full Article.
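A mail-triage check for the lure described in the article, added here as an example and not taken from the article or this forum: it flags the "Status of invoice" subject and recognises 7z attachments by their signature bytes rather than by file name. The function names, reason labels and sample messages are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

SEVEN_ZIP_MAGIC = bytes.fromhex("377abcaf271c")  # 7z file signature
CAMPAIGN_SUBJECT = "status of invoice"            # subject line named in the article


def triage(raw: bytes) -> list:
    """Return the reasons a raw e-mail matches the lure (labels are illustrative)."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    reasons = []
    if CAMPAIGN_SUBJECT in str(msg.get("Subject", "")).lower():
        reasons.append("subject")
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""  # None for nested messages
        name = (part.get_filename() or "").lower()
        if payload.startswith(SEVEN_ZIP_MAGIC):
            reasons.append("7z-magic")
            # Archive content hidden behind another extension is worth a closer look.
            if not name.endswith(".7z"):
                reasons.append("7z-renamed")
        elif name.endswith(".7z"):
            # Named like an archive but not one: malformed or deliberately odd.
            reasons.append("7z-name-only")
    return reasons


def build_sample(subject: str, filename: str, data: bytes) -> bytes:
    """Build a constructed test message; addresses and content are placeholders."""
    m = EmailMessage()
    m["From"] = "billing@example.com"
    m["To"] = "user@example.com"
    m["Subject"] = subject
    m.set_content("Please see the attached file.")
    m.add_attachment(data, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    fake_archive = SEVEN_ZIP_MAGIC + b"\x00" * 26  # constructed, not a real archive
    for subj, fname, data in [("Status of invoice", "invoice.7z", fake_archive),
                              ("Re: lunch", "scan.pdf", fake_archive),
                              ("Re: lunch", "notes.txt", b"hello")]:
        print(subj, fname, triage(build_sample(subj, fname, data)))
```

The check stops at the attachment container: confirming a VBS file inside the archive needs a 7z-capable unpacker in the mail pipeline.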

4 replies

Once again opening attachments without really scanning for viruses gets you in trouble. Common Sense should prevail.

That nasty little bugger seems to have an infinite amount of forms it can take!!

@ wrote:
That nasty little bugger seems to have an infinite amount of forms it can take!!

It is a bit like Odo with his bucket https://en.wikipedia.org/wiki/Odo_(Star_Trek)

Very close!! Not far off from sure.
 
It's this guy. Luckily the Saiyans put him in his place.. I feel so nerdy to be even posting this :D
