According to security researcher Timothy Davies, a new version of the Locky Ransomware, aka Zepto, has been circulating since around the September 5th 2016 that includes an embedded RSA key. This key allows Locky to encrypt a victim's computer without having to contact their Command & Control server. As many system administrators block Command & Control servers on their firewalls, by using an embedded RSA key, Locky can encrypt a computer regardless of what has been blocked at the edge.
http://www.bleepstatic.com/images/news/ransomware/locky/embedded-rsa/locky-embedded-rsa-key.pngEmbedded RSA Key
Full Article
Locky now using Embedded RSA Key instead of contacting Command & Control Servers
Userlevel 7
+21
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.