Pranksters have infiltrated the control system behind the infamous Locky ransomware and replaced the malware’s main payload with a dummy file. Locky normally spreads using malicious and disguised JavaScript inside email attachments supposedly containing an invoice or similar. Malicious messages are sent to prospective marks in spam runs. Those on Windows machines who open the malicious attachment are likely to become infected, a process that results in user files getting encrypted. If this happens it’s normally impractical to recover scrambled files without paying crooks a fee in exchange for the private encryption key needed to recover compromised data.
View full story
ORIGINAL SOURCE: The Register