Locky Ransomware

Pierluigi Paganini February 05, 2022
LockBit ransomware gang claims to have stolen data from PayBito crypto exchange

LockBit ransomware gang claims to have stolen customers’ data from the PayBito crypto exchange. PayBito is a bitcoin and cryptocurrency exchange for major cryptocurrencies including Bitcoin Cash, Bitcoin, Ethereum, HCX, Litecoin, Ethereum Classic. The exchange is operated by global blockchain and IT services company HashCash. LockBit ransomware operators claim to have stolen customers’ data from the PayBito crypto exchange, […]

Pierluigi Paganini December 08, 2020
Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering

Russian citizen Alexander Vinnik was sentenced in Paris to five years in prison for money laundering and ordered to pay 100,000 euros in fines. Russian citizen Alexander Vinnik was sentenced in Paris to five years in prison for money laundering and ordered to pay 100,000 euros in fines. The man went on trial in Paris for having […]

Pierluigi Paganini February 13, 2018
Necurs botnet is behind seasonal campaigns of Valentine’s Day-themed spam

Necurs botnet made headline again, the experts at IBM X-Force research team observed a spike in seasonal campaigns of Valentine’s Day-themed spam emails. Necurs botnet made headline again, the experts at IBM X-Force research team observed a spike in the activity of the infamous botnet. Necurs was not active for a long period at the beginning of 2017 and resumed it activity in April 2017. The Necurs botnet was used […]

Pierluigi Paganini January 02, 2018
Necurs botnet involved in massive ransomware campaigns at the end of 2017

The Necurs botnet made the headlines at year-end sending out tens of millions of spam emails daily as part of massive ransomware campaigns. Necurs was not active for a long period at the beginning of 2017 and resumed it activity in April. The Necurs botnet was used in the past months to push many other malware, including Locky, Jaff, GlobeImposter, Dridex , […]

Pierluigi Paganini November 12, 2017
Avira spotted a new strain of the dreaded Locky Ransomware in the wild

Avira firm detected a new strain of the Locky ransomware that is spreading through malicious attachments disguised as legitimate Libre and Office documents. Researchers at Avira Virus Lab detected a new strain of the Locky ransomware that is spreading through malicious attachments disguised as legitimate documents from productivity applications like Microsoft Word and Libre Office. The new Lock […]

Pierluigi Paganini October 21, 2017
Necurs botnet now spreading the Locky Ransomware via DDE Attacks

Operators behind Locky ransomware campaigns have switched to new attack techniques to evade detection leveraging the DDE protocol. Security experts are continuing to observe the Locky ransomware spreading via spam campaigns that rely on the Necurs botnet. Now operators behind Locky ransomware campaigns have switched to new attack techniques to evade detection. One of the new techniques adopted by the crooks is the use of […]

Pierluigi Paganini September 24, 2017
Authors of Locky Ransomware are big fans Game of Thrones series

Researchers at PhishMe found the names of Game of Thrones show characters and other references into the script used to spread the Locky ransomware. The fantasy drama television series Game of Thrones has an amazing number of fans, including the authors of the Locky ransomware. The discovery was made by researchers at security firm PhishMe that found the […]

Pierluigi Paganini September 24, 2017
Massive HerbaLife spam campaign spreads a variant of Locky ransomware

Researchers spotted a new widespread ransomware campaign leveraging emails with malicious attachments using Herbalife branded messages. Researchers at security firm Barracuda have spotted a new widespread ransomware campaign leveraging emails with malicious attachments, some of them pretend to be sent by the l multi-level marketing nutrition company Herbalife. More than 20 million Herbalife branded emails were sent in a 24 hour […]

Pierluigi Paganini November 21, 2016
Watch out, Locky ransomware spread via SVG images on Facebook Messenger

Researchers have discovered a new hacking campaign leveraging on Facebook Messenger to spread the Locky ransomware via SVG images. The Locky Ransomware is spread via a downloader, experts noticed that it is able to bypass Facebook defense measures by pretending to be a harmless  image file. The campaign was first spotted during the weekend by the malware […]

Pierluigi Paganini August 27, 2016
New Locky Ransomware variant uses DLLs for distribution

A new Locky Ransomware variant has been spotted by researchers at Cyren, it uses DLLs for distribution. The Locky Ransomware is one of the most popular threats since its first detection in the wild early 2016. The ransomware has evolved over the time, crooks have improved it adding new evasion detection features and changing the distribution methods. Security experts […]