If you receive a mail masquerading as a company’s invoice and containing a Microsoft Word file, think twice before clicking on it.
Locky ransomware is spreading at the rate of 4000 new infections per hour, which means approximately 100,000 new infections per day.
Microsoft MACROS are Back
How Does Locky Work?
Once a user opens a malicious Word document, the doc file gets downloaded to its system. However, danger comes in when the user opens the file and found the content scrambled and a popup that states “enable macros”.
- Once the victim enables the macro (malicious), he/she would download an executable from a remote server and run it.
- This executable is nothing but the Locky Ransomware that, when started, will begin to encrypt all the files on your computer as well as network.
Locky Encrypts Even Your Network-Based Backup Files
“I estimate by the end of the day well over 100,000 new endpoints will be infected with Locky, making this a genuine major cybersecurity incident — 3 days in, approximately a quarter of Million PCs will be infected,” Kevin said in a blog post.