Locky is a annoying Ransomware that infects PC & Spreads Via Microsoft Word Document
A new ransomware has been identified, Named as ‘Locky’ it is spreading via a Microsoft Word document. Attackers are sending users an infected document file purporting to be an invoice, opening which installs the malicious program on the system.
First reported by security researchers at Palo Alto Networks, the Word file in question trigger actions that require a macro, small applications that automate frequently-used tasks. Microsoft has disabled macros by default, but the document that comes attached to the email by attackers tricks users into enabling macros.
Those who do that, see Locky ransomware getting downloaded and installed on their computer. A staggering number of users are falling for this, apparently.
“Using Palo Alto Networks AutoFocus, Unit 42 observed over 400,000 individual sessions containing the Bartallex macro downloader, which in turned dropped Locky ransomware onto victim machines,” researchers at Palo Alto Networks wrote.
Once installed, Locky locks down all your files in the computer and require you to pay a sum of money in within their mandated period of time. Failure to do so renders all the files useless leaving users with very little to do.
The attacks are currently largely targeted to people in the United States, Canada and Australia. Though, users elsewhere should also take a note of this, and must avoid clicking on any suspicious file.
In a statement to MSPoweruser, Microsoft acknowledged the Locky ransomware, pointing us to this Locky’s entry in its malware encyclopedia, and assured us that it warns users about them. “Microsoft security software detects and removes Locky malware,” said a Microsoft spokesperson.