Locky ransomware is back. 

New Locky Ransomware Variant

Locky ransomware is back. This time it's a new, more malicious variant of the original malware. It is spread by spam email that comes with a .zip attachment containing a .js or .vbs file. Be wary of any email you receive with an attachment. If you get infected with this version of Locky, your data will be encrypted, and no known decryptor is currently available. Anti-virus vendors are scrambling to address this new variant.

Appalachia’s ATProtect Managed Security Services are protecting customers from the latest Locky attacks. However, we advise everyone to follow the advice below to improve your chances:

  • If you receive an email attachment of any kind, treat it with caution – especially if it’s a .zip file. Make sure you know the sender and you were expecting an attachment.  Double-check the email headers to make sure they are legit.
  • Configure Windows to show file extensions. This makes it easier for you to spot files that may not be what they seem.
  • Use a reputable anti-virus/anti-malware with an on-access scanner (real-time protection). This can block malware in a number of ways.
  • Implement stricter email gateway settings. Pay particular attention to staff who are targeted by hackers, like accounting and human resources.
  • Regular training is important to keep your users aware and vigilant at all times. One class isn’t enough; make sure your staff continue to do the right thing. Test your users with simulated phishing emails.
  • Offline backups are critical! Shadow Volume Copies or online backups are not enough (Locky deletes them).

If you or a co-worker accidentally open one of these phishing email attachments, you might infect not only your own workstation, but immediately everyone else’s computer too. Remember: “When in doubt, throw it out!”

Appalachia ATProtect Managed Security Services customers have been monitored proactively for this attack since Aug 15th. ATProtect customers may also take advantage of regular vulnerability scanning, identifying any vulnerable Windows systems. 

Additional services such as our Managed Backup/Disaster Recovery solution provide a second layer of protection, and our Security Awareness Training & Simulated Phishing services ensure that your employees are not the weak link in your network security.

