1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

'Locky' ransomware, which infects like Dridex, hits the unlucky

Discussion in 'CSO' started by RSS, Feb 17, 2016.

  1. RSS

    RSS New Member Member

    A new flavor of ransomware, similar in its mode of attack to the notorious banking software Dridex, is causing havoc with some users.

    Victims are usually sent via email a Microsoft Word document purporting to be an invoice that requires a macro, or a small application that does some function.

    Macros are disabled by default by Microsoft due to the security dangers. Users who encounter a macro see a warning if a document contains one.

    MORE ON CSO: How to spot a phishing email

    If macros are enabled, the document will run the macro and download Locky to a computer, wrote Palo Alto Networks in a blog post on Tuesday. The same technique is used by Dridex, a banking trojan that steals online account credentials.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page