No incidences of Locky ransomware attacks in India yet: Trend Micro

By Shubham Sharma | Published on Sep 05 2017
No incidences of Locky ransomware attacks in India yet: Trend Micro
HIGHLIGHTS

CERT recently issued an alert on the spread of Locky ransomware. The ransomware encrypts a victim’s files and demands a hefty ransom in order to decrypt them. Trend Micro assures that there have been no reported incidences of the Locky ransomware in India yet.

Apple iPhone XR 64GB at Lowest Price Ever

6.1" display | 50% Faster Graphics performance | TrueDepth camera

Click here to know more

India’s Computer Emergency Response Team (CERT) issued an alert last weekend as a malware named “Locky” was spreading through spam mails on the internet. However, cyber security firm Trend Micro said on Monday that no incidences of Locky have been reported in India till now.

As per a statement by Trend Micro, the Locky ransomware is not likely to affect systems on the same scale as Petya or WannaCry ransomware as they relied on a Windows XP vulnerability. Sharda Tickoo, Technical Head, Trend Micro India, said in a statement, “So far, there haven't been any cases of Locky ransomware reported in India or across geographies, but we are getting inquiries from customers and Trend Micro's support team is helping out in resolving them. For addressing this malware, Trend Micro has its protection in place with suspicious and bad URLs being blocked. There are technologies wherein such embedded macros and file scripts can be detected and deleted.”

Tickoo also pointed out the difference between Locky and other ransomwares. She explained that Petya and WannaCry malwares were able to exploit and spread using Microsoft’s Windows XP vulnerability. However in Locky’s case, the ransomware is being spread through Visual Basic (VB) or JavaScript codes along with zip attachments through emails, so there is a high chance of this malware evading detection. As the malware makes use of scripts instead of executables, it can be run on any computer and can virtually affect anyone.

On keeping safe from the ransomware, she advised, "Since this particular malware arrives through email compressed attachment and through hidden Visual Basic (VB) / JavaScript, we have to ensure that email as a channel is widely protected. We are trying to build a ransomware strategy with two best practices - first is to start with fortifying email defense mechanisms and second is to delete the VB or JavaScript if it is not used in machines."

Last weekend, CERT issued an alert saying that a spam campaign containing Locky ransomware has been started and over 23 million emails and messages have been sent with the ransomware attached. The spam messages contain common subjects like "please print", "documents", "photo", "Images", "scans" and "pictures”. CERT also warned that the spam email attachments contain the malicious ransomware codes and users need to be wary of any emails that seem suspicious.

Videos

WannaCry Everything You Need To Know  Digitin
logo
Shubham Sharma

Working on a miniaturised version of the Arc Reactor.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.