Have you ever thought of your computer being kidnapped? In this new age, this is no longer ridiculous as several destructive ransomware variants (including Locky, CyptoLocker, CryptoDefense, CyptoWall, CTB-Locker, etc.) appeared to kidnap computers in the world. The number of ransomware infections has been increasing!
A new variant of Locky ransomwares known asLukitus has been spreading through socially-engineered emails, e.g. phishing emails.
How ransomware and variants kidnap computers?
Ransomware attacks victims through:
phishing emails with look of legitimate emails such as phony FedEx and UPS tracking notices with malicious file attached;
compromised website which targeted users with outdated or unpatched browser (e.g. IE) or plugins (e.g. Flash Player);
some banner ads to cause user device infected.
Once you open an anonymous attachment, or visit compromised website using outdated browser, ransomware will invade and encrypt your computer. More horribly, this “criminal” encrypts files not only on your computer, but also within shared network drive(s).
After the files are encrypted, a popup will display on your computer asking you to pay ransom money typically in the range of 100-300 USD within a time limit, otherwise, the only key for decryption will be deleted.
Encrypts files on victims’ computers, e.g. CryptXXX & Locky/Lukitus encrypts files on victims’ computers and adds a .crypt or .locky/.lukitus file extension to them.
Files on network drives and cloud services are affected.
Data will be unrecoverable due to encryption by ransomware.
Prevent to be a Victim:
Until now, there is NO effective method to decrypt all the kidnapped files. To save your computer from harms, please remember:
Keep your operating system and software up-to-date with the latest patches.
Alert to the suspicious email.
Do not open any malicious attachment, especially compress files (.zip,.7zip,.rar), or executable files (.exe).
Do not follow unsolicited web links in email messages.