New Locky ransomware spotted by IT security experts

The .locky ransomware, aka the .locky file virus, has been spotted both by victims and by security experts.

Quite a few cases have been reported of the infection compromising computer systems. Users unfortunate enough to be hit by the virus observed that the attacks started after they clicked on an email attachment. This does not necessarily imply that all attachments are dangerous. Alas, nowadays hackers break into reputable sites or use similar-looking domains to attack victims.

One way or another, the click on the attachment triggers the encryption process. The virus does not wait for a reboot to activate its settings. It applies a range of tricks.

The restart after the ransomware installation spawns the encryption. It adds the .locky extension to each affected file. The original files are usually removed.

Needless to say, the essential change lies in the encryption. It would be relatively easy to handle the consequences if they were limited to the extension change only. The virus applies an advanced encryption algorithm. There is virtually no way to undo the encryption unless you get the relevant private key.

The virus issues a ransom note. Copies of it are placed in each folder in three formats, namely .vbs, .txt and .html. The note is actually a preliminary. It instructs the victim to install and open the Tor browser, which is to be used to open a specific website. The website contains the actual instructions on how to purchase and apply the private key.
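To scope the damage before any cleanup, the two traces described above (the .locky extension on encrypted files and a note dropped in each folder) can be inventoried with a read-only scan. The following Python sketch is an added example, not taken from any removal tool; it assumes the note keeps the same file name in every folder, and every file name in the sample tree is constructed.

```python
import os
import tempfile
from collections import Counter

ENCRYPTED_EXT = ".locky"               # extension named in the article
NOTE_EXTS = {".vbs", ".txt", ".html"}  # note formats named in the article


def inventory(root):
    """Return (affected, note_candidates) for the tree under root.

    affected: {folder: sorted names of .locky files in it}
    note_candidates: file names with a note extension found in every affected
    folder (assumption: the note keeps one file name across folders).
    """
    affected, seen = {}, Counter()
    for folder, _dirs, files in os.walk(root):
        locked = sorted(f for f in files if f.lower().endswith(ENCRYPTED_EXT))
        if not locked:
            continue
        affected[folder] = locked
        seen.update({f.lower() for f in files
                     if os.path.splitext(f)[1].lower() in NOTE_EXTS})
    # With a single affected folder every .txt/.html/.vbs would match, so skip.
    if len(affected) < 2:
        return affected, []
    return affected, sorted(n for n, c in seen.items() if c == len(affected))


def build_sample(root):
    """Create a small constructed tree; all names here are made up."""
    note = ["note_placeholder.txt", "note_placeholder.html",
            "note_placeholder.vbs"]
    layout = {
        "docs": ["report.docx.locky", "budget.xlsx.locky", "todo.txt"] + note,
        "pics": ["a.jpg.locky"] + note,
        "clean": ["notes.txt"],
    }
    for sub, names in layout.items():
        os.makedirs(os.path.join(root, sub))
        for name in names:
            open(os.path.join(root, sub, name), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        affected, notes = inventory(tmp)
        for folder, names in sorted(affected.items()):
            print(f"{folder}: {len(names)} encrypted file(s)")
        print("possible ransom notes:", notes)
```

The scan only reads directory listings, so it can be run against a mounted copy of the affected disk without touching the files.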

As stated above, security experts have also spotted the Locky ransomware. The virus is propagating in the wild.

Removal of the .locky virus is available. Victims are strongly recommended to get rid of the Locky virus. The extermination is a must, but it must only follow after an adequate recovery effort has been made. That is because you may need the ransomware to make use of the decryption key, no matter how you manage to get one.

The virus actively communicates with its remote server. It receives and applies updates, so it may further harm your PC. Remove Locky ransomware after fulfilling the above condition.