The Indian Computer Emergency Response Team (CERT-In) on Saturday issued an alert about spread of a new malicious software ‘Locky’, which is being circulated through spam messages that can potentially lock computers and demand ransom for restoring access to users.
“It has been reported that a new wave of spam mails are circulating with common to spread common variants of Locky ransomware. Reports indicate that over 23 million messages are being sent in this campaign,” CERT-In said in its advisory.
Locky Ransomware is learnt to be demanding ransom of half bitcoin, which at present rate is equivalent to over Rs 1.5 lakh. The alert, issued on Cyber Swachhta Kendra, said it has been reported that a new wave of spam mails is circulating with common subject lines to spread variants of Locky Ransomware.
“The messages contain common subjects like ‘please print’, ‘documents’, ‘photo’, ‘Images’, ‘scans’ and ‘pictures’. However, the subject texts may change in targeted spear phishing campaigns,” the alert, which described severity of the ransomware as “high”, CERT-In noted in its alert.
To target users, it added, spam e-mails showing links to fake websites is being used to spread Locky variants. “Users are advised to exercise caution while opening e-mails and organisations are advised to deploy anti-spam solutions and update spam block lists,” the alert stated.
While the impact of this ransomware on Indian systems is not clear so far, this could be the third major ransomware attack this year after Wannacry and Petya that crippled thousands of computers, including those of multinational corporations. In fact, according to an Assocham PWC study, India was the third worst affected country in a list of over 100 countries hit by Wannacry in May.