Read! How to survive from new ransomware breach ‘Locky’; Govt issues ALERT
 Source : NewsBharati  Date : 03-Sep-2017

New Delhi, September 3: The Centre has issued an alert regarding a new malware ‘Locky Ransonware’ that locks computers and demands ransom for unlocking them.

Electronics and IT Additional Secretary Ajay Kumar tweeted that an alert regarding spam spreading Locky Ransomware was issued by Indian Computer Emergency Response Team yesterday. 

Ransomware is a malicious software and the Locky Ransomware is learnt to be demanding ransom of half bitcoin, which at present rate is equivalent to over 1.5 lakh rupees.

The alert, issued on Cyber Swachhta Kendra, said it has been reported that a new wave of spam mails is circulating with common subject lines to spread variants of Locky Ransomware.

The alert stated that the computer users are advised to exercise caution while opening e-mails and organisations are advised to deploy anti-spam solutions and update spam block lists.

If you get spam mails containing common subjects like ‘please print’, ‘documents’, ‘photo’, ‘Images’, ‘scans’ and ‘pictures’. Also, these mails contain ‘zip’ attachements with Visual Basic Scripts (VBS) embedded in a secondary zip file. pasting

If the system is infected by Locky all files are encrypted and string with random numbers with extension “ [.]lukitus” or “[.]diablo6” is appended to the encrypted files. It may be noted that earlier variants of Locky add extension “.locky” to the encrypted files. After encryption, desktop background is changed with instructions and a “htm” file with a name “Lukitus[dot]htm”.

It is also reported that a spam campaign showing links to fake dropbox sites is being used to spread Locky variants.

If the pages are viewed in Chrome or Firefox, they show a fake notification stating “you don't have the HoeflerText font”. These fake notifications had an "update" button that returns a malicious JavaScript (.js) file.