Locky ransomware strikes again with its new variant called Lukitus which is a part of a new campaign. Before all this, the ransomware was using a new file extension called “diablo6”. Now, this new .lukitus extension was spotted.
Lukitus lurks in spam emails
As expected, the malware is being distributed via spam emails, so you’d better be extremely cautious. The spam message will come with an attached Microsoft Office file or with a ZIP attachment, which both come packed with malicious scripts. Once a trustful user downloads and executes the file, it will start to encrypt the host computer’s files and data. The malware will also manage to scramble file names, so the users will get confused and not know which file is which anymore.
In the end, the extension ‘lukitus’ will appear next to all infected files, and the downloaded software will disappear. But this is not all as things don’t end here. The program will be replaced by a file which contains the ransom note and users will see that Locky will demand 0.49 Bitcoins which translates into $2,000.
The sad thing is that there is no known way to decrypt the files that have been infected by this variant of the nasty software.
Protect your file against ransomware attacks
What you can do for more protection is to have an offline backup of all of your files. You can also try to restore the encrypted files from Shadow Volume Copies.
As you can see, there’s not much you can to fix the issue, but you can prevent it from happening by being careful when opening email attachments. You should be cautious especially when the emails seem to be random and none of your concern. Another essential thing you have to consider is keeping your antivirus software updated because this will also help block these aggressive cyberattacks.
RELATED STORIES TO CHECK OUT:
- How to remove the Locky ransomware for good
- Locky ransomware spreading on Facebook cloaked as .svg file
- 5 best antivirus software for Facebook