Locky ransomware enters indian cyberspace, CERT issues alert

By Shubham Sharma | Updated Sep 03 2017
Locky ransomware enters indian cyberspace, CERT issues alert

The ransomware encrypts the victim’s files and demands a hefty ransom in order to decrypt them. Locky ransomware was first identified back in 2016.

Go from OpenAPI-to-GraphQL in 2 minutes

Create GraphQL interfaces in minutes and build mobile or client apps quicker. Leverage free, open source IBM Code Patterns.

Click here to know more

The Computer Emergency Response Team (CERT) has issued a warning regarding the spread of Locky ransomware in India. Locky ransomware takes over a victim’s system and encrypts its files, demanding a ransom to release the data, similar to the Petya or WannaCry ransomwares. The main difference with Locky is its ability to analyze the most important files and demand individual price for the locked data.

CERT has stated that over 23 million emails and messages have been sent with the Locky ransomware attached. The spam messages contain common subjects like "please print", "documents", "photo", "Images", "scans" and "pictures", however, the subject texts may change in some cases such as targeted phishing campaigns, the organization added. 

“The messages contain "zip" attachments with Visual Basic Scripts (VBS) embedded in a secondary zip file. The VBS file contains a downloader which polls to domain "greatesthits[dot]mygoldmusic[dot]com" (please do not visit this malicious website) to download variants of Locky ransomware.”, warned CERT-IN.

The encrypted files of a system infected with the ransomware displays file extensions with "[.]lukitus" or "[.]diablo6". These are two new variants as the earlier 2016 variant of the ransomware named the encrypted file extensions to “.Locky”. After encrypting the files, the ransomware demands a payment of 0.5 Bitcoins or about Rs 1,51,171.

In order to stay safe from the Locky malware, CERT has advised not to click on any of the suspicious files which have the above mentioned subject lines. It is also recommended to take regular backups of your important files using an external storage device. Do take note that the ransomware affects your network drives and attached removable media such as flash drives and external hard disks. Consider not keeping them attached to your computer at all times as Locky will block all access to them too in case of an attack


NotPetya Malware Everything You Need to Know  Digitin
Shubham Sharma

Working on a miniaturised version of the Arc Reactor.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.