Locky Ransomware Now Downloaded as Encrypted DLLs – TrendLabs Security Intelligence Blog
The Locky ransomware family has emerged as one of the most prominent ransomware families to date, being sold in the Brazilian underground and spreading via various exploits. Locky has, over time, become known for using a wide variety of tactics to spread–including macros, VBScript, WSF files, and now, DLLs.
Recently we encountered a new Locky variant (detected as RANSOM_LOCKY.F116HM) that used old tactics on the surface, but with some key technical changes. The emails that were used to distribute it were fairly pedestrian as far as these messages go, although it was part of a large-scale spam campaign.
via Advanced Threats,Intelligence Technology,CyberSecurity | Scoop.it http://ift.tt/1PrSk69
September 5, 2016 at 05:45AM