
Locky, a deadly “ransomware”, has hit India. The state-run Indian Computer Emergency Response Team (CERT-in) has issued an advisory on the spread of Locky ransomware in the country, urging users not to open any emails with attachments from unknown senders. The alert said the ransomware spreads through a “massive spam campaign”. It has been reported that over 23 million messages have been sent in this phishing campaign.
CERT-in advised both citizens and large organizations not to open emails with subjects like “please print”, “documents”, “photo”, “images”, “scans” and “pictures”. However, the subject texts may change in targeted spear phishing campaigns. The messages contain “zip” attachments with Visual Basic Scripts (VBS) embedded in a secondary zip file. The VBS file contains a downloader which polls the domain “greatesthits [dot] mygoldmusic [dot] com” (please do not visit this malicious website), the alert said.
CERT-in has listed several preventive measures to protect computers from ransomware attacks:
• Make sure to perform regular backups of all critical information to limit the impact of data or system loss and to help expedite the recovery process.
• Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited e-mail, even if you think it looks safe.
• Disable ActiveX content in Microsoft Office applications such as Word, Excel, etc.
• Keep your operating system, browsers, browser plugins and antivirus software up-to-date.
• Disable macros in Microsoft Office applications.
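
The alert describes zip attachments that hide a VBS file inside a second zip. The following added example (not part of the advisory or of any CERT-in tooling) shows how a mail filter could open an attachment in memory and flag script files at any nesting level; the extension list, the limits and the sample file names are assumptions chosen for illustration.

```python
import io
import zipfile

# Assumed block list for this example; the advisory itself only names VBS.
SCRIPT_EXTS = (".vbs", ".vbe", ".js", ".jse", ".wsf", ".hta")
MAX_DEPTH = 3                         # nested archive levels we are willing to open
MAX_MEMBER_BYTES = 10 * 1024 * 1024   # declared size above which a member is not read

def find_scripts(data, depth=0, path=""):
    """Return (archive_path, verdict) pairs for a zip given as bytes.

    verdict is "script" for a script file and "uninspected" for a nested
    archive that was too deep, too large, encrypted or corrupt.
    """
    hits = []
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits                   # not a zip: nothing to report here
    with archive:
        for info in archive.infolist():
            full = path + info.filename
            lower = info.filename.lower()
            if lower.endswith(SCRIPT_EXTS):
                hits.append((full, "script"))
            elif lower.endswith(".zip"):
                if depth + 1 >= MAX_DEPTH or info.file_size > MAX_MEMBER_BYTES:
                    hits.append((full, "uninspected"))
                    continue
                try:
                    inner = archive.read(info)
                except (RuntimeError, zipfile.BadZipFile):  # encrypted or corrupt
                    hits.append((full, "uninspected"))
                    continue
                hits.extend(find_scripts(inner, depth + 1, full + "!/"))
    return hits

def build_sample():
    """Constructed sample: outer zip -> inner zip -> harmless .vbs text file."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("scan_0001.vbs", "' constructed placeholder, not malware\n")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("scan_0001.zip", inner.getvalue())
        z.writestr("readme.txt", "constructed benign file\n")
    return outer.getvalue()

if __name__ == "__main__":
    for found_path, verdict in find_scripts(build_sample()):
        print(verdict, found_path)
```

A gateway would typically quarantine any message for which this returns a "script" or "uninspected" entry instead of delivering it.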