Locky Ransomware Ramps up Aggression with Botnet Functions in Major Japan Infiltration

Posted: April 6, 2016

Ransomware has already been outed as one of the most aggressive and destructive types of malware this year. Among the countless ransomware families, Locky takes the cake as the most aggressive, and it has recently ramped up its efforts to target computers located in Japan.

Until recently, ransomware functionality has mostly been limited to the primary action of encrypting files on an infected computer, which lets it easily extort money from victimized computer users. The latest variation of Locky Ransomware, however, is showing signs of being much more aggressive in its ability to contact command and control (C&C) servers to download data or updates. Locky has also drawn attention because its activity levels rival those of threats like Zeus and CryptoWall, which were known for being among the most active malware in recent history.

To add insult to injury, Locky's recent ramped-up activity makes Japan one of its main targets, where it is having much success spreading by email attachment. So far, according to the security firm Fortinet, Locky has been detected in over one million cases in Japan. Through its ability to connect to a C&C server, the threat can identify computers that are located in Japan, where it has increased its targeting.

Japan's remarkably high share of Locky's recent aggression may be due to the threat's ability to infiltrate systems there more easily than in other areas via email attachments. However, the botnet functions built into Locky also give it an advantage over other threats that lack such functionality. Botnets are specialized malware that infects a group of computers, each of which is compromised to the point that it phones in to a command and control server to obtain new instructions or updates. Locky, when it comes to its botnet functions, is able to examine domain generation algorithms in its quest to encrypt files on specific types of computers based on their location.

Because Locky has C&C functions much like botnets, the ransomware has claimed its ranking among the legendary list of botnets, such as Zeus and the most aggressive form of CryptoWall Ransomware. Those who are tuned in to the history of malware will recognize Zeus as one of the most destructive botnets in the history of computers, ranking up there with the Conficker worm and many others.

As Locky propagates, officials and security researchers in Japan, and others who speak for Japanese computer users, are steadily warning those users of the dangers of the threat. Locky is now being bundled with malicious downloaders that are trending in Japan. Such malware downloads the Locky ransomware and works in parallel with Locky's botnet activity. Simply put, targeted entities in Japan will need to take proactive measures to protect themselves from the aggressive increase in threats from Locky.