securityXspace

Locky Ransomware Now Downloaded as Encrypted DLLs – TrendLabs Security Intelligence Blog

Locky Ransomware Now Downloaded as Encrypted DLLs – TrendLabs Security Intelligence Blog

http://ift.tt/2ca1KpS

The Locky ransomware family has emerged as one of the most prominent ransomware families to date, being sold in the Brazilian underground and spreading via various exploits. Locky has, over time, become known for using a wide variety of tactics to spread–including macros, VBScript, WSF files, and now, DLLs.

Recently we encountered a new Locky variant (detected as RANSOM_LOCKY.F116HM) that used old tactics on the surface, but with some key technical changes. The emails that were used to distribute it were fairly pedestrian as far as these messages go, although it was part of a large-scale spam campaign.

See it on Scoop.it, via Advanced Threats,Intelligence Technology,CyberSecurity

APT

via Advanced Threats,Intelligence Technology,CyberSecurity | Scoop.it http://ift.tt/1PrSk69

September 5, 2016 at 05:45AM

Posted

in

by

Nathan Cocker

Tags:

,

Comments

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: