Locky Ransomware switches to the Lukitus extension for Encrypted Files

From Botnets.fr
Revision as of 18:27, 23 August 2017 by Eric.freyssinet (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

(Publication) Google search: [1]

Locky Ransomware switches to the Lukitus extension for Encrypted Files
Botnet Locky, Lukitus
Malware
Botnet/malware group Cryptolocker
Exploit kits
Services
Feature .lukitus
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2017 / 2017-08-16
Editor/Conference Bleeping Computer
Link https://www.bleepingcomputer.com/news/security/locky-ransomware-switches-to-the-lukitus-extension-for-encrypted-files/ (Archive copy)
Author Lawrence Abrams
Type Blogpost

Abstract

Today a new Locky Ransomware variant was discovered by Rommel Joven that switches to the .lukitus extension for encrypted files. It is important to note that if you are infected with this ransomware, you are not infected with the Lukitus Ransomware, as some sites may call it. You are instead infected by Locky, which is using the .lukitus extension. There is a difference.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2017BFR5335,
   editor = {Bleeping Computer},
   author = {Lawrence Abrams},
   title = {Locky Ransomware switches to the Lukitus extension for Encrypted Files},
   date = {16},
   month = Aug,
   year = {2017},
   howpublished = {\url{https://www.bleepingcomputer.com/news/security/locky-ransomware-switches-to-the-lukitus-extension-for-encrypted-files/}},
 }

Retrieved from "https://www.botnets.fr/index.php?title=Locky_Ransomware_switches_to_the_Lukitus_extension_for_Encrypted_Files&oldid=14150"