Locky is known as the new ransomware family which appeared a few weeks ago and already made a progress in its activity.
According to security researchers, Locky has turned into a commonly seen type of ransomware, which is used to hold a computer’s files hostage pending a ransom payment.
The security experts claim that 18% of 4 million spam messages they collected in the last week were ransomware-related, lots of these linked to Locky.
Locky ransomware is distributed through spam messages which have been sent through the same botnet used to send the online banking malware Dridex.
A security vendor analyzed the statistics collected by its software between Feb. 17 and March 2, 2016. The software detects when ransomware connects to command-and-control servers used by cyber-criminals to manage the malware.
According to the software, about 16.4% of 18 million communications it detected were for Locky infections, with the rest belonging to two of the most popular ransomware families – CryptoWall and TeslaCrypt.
“As predicted, Locky already covers a big chunk of the infections,” the senior antivirus analyst Roland Dela Paz stated. “Most of the Locky infections appear to be in the U.S., France and Japan”, he added.
According to the FBI, Locky ransomware has become one of the biggest threats to consumers and businesses. Despite the fact that some ransomware writers made mistakes in their code early on, there’s usually no way to recover the files unless the decryption key is released.
Usually, the demanded ransom is a few hundred dollars, and detailed instructions are displayed to victims for how to pay in bitcoin.
Considering the malicious threats nowadays, security specialists advise users backing up their files to recover from a ransomware attack and ensuring that the backup drive is safe.