macro


Locky Ransomware - Encrypts Documents, Databases, Code, Bitcoin Wallets and More...

A new ransomware named Locky has emerged recently. Locky is distributed in a manner similar to that of Dridex botnets 120 and 220. This new ransomware uses 128-bit AES encryption and has a domain generation algorithm (DGA). It is also capable of encrypting SQL databases, source code, Bitcoin wallets and more.

Range Technique Permits Ursnif To Jump Onto Your Machine

On January 5th, Raytheon|Websense® researchers noticed an interesting e-mail sample from a recent and ongoing e-mail campaign. It contained a malicious document attachment that downloaded malware in a unique way. The Microsoft Office Word document downloaded the malicious payload from a JPG file but, where a normal browsing user would see an image of a kangaroo, the malicious document saw a different file: the Ursnif credential stealer.

Fig. 1. Actual image hosted on command-and-control server

 

Executive Summary