Tag: locky
Locky Dropper Now Comes Embedded in the Loader
Published 5 years ago
We have noticed a change of behaviour in the latest spam email campaigns used by Locky. Since its first release Locky took advantage of compromised domains to download the dropper binary, while recently Locky dropper is being delivered embedded into the loader code itself. By tracking these campaigns we have also noticed that Locky’s authors have made …
Continue reading “Locky Dropper Now Comes Embedded in the Loader”
The Evolution: from Locky Ransomware to Zepto
Published 5 years ago
Locky is one of the most widely distributed and infamous threats in the ransomware landscape. First detected in February 2016 Locky has spread very quickly, proving to be both sneaky and effective. The usual dispatch chain took advantage of massive spam campaigns, leveraging freshly compromised domains to enhance its chances of passing under the radar of the …
Continue reading “The Evolution: from Locky Ransomware to Zepto”
Locky Ransomware Shipping With a New Loader
Published 5 years ago
ReaQta has been monitoring a new and massive worldwide Locky ransomware spam campaign. The attacks are carried out in the usual way: a javascript file attached to an email message delivered to the victims, although this is the first campaign we have tracked that shows a different deployment behaviour. The javascript downloader usually retrieves Locky’s dropper …
Continue reading “Locky Ransomware Shipping With a New Loader”