The government, late on Saturday night, issued an alert on spread of new malware called ‘Locky Ransomware’ that can lock computers and demand ransom for unlocking them.
“Alert regarding spam spreading Locky Ransomware issued today by @IndianCERT...,” Electronics and IT Additional Secretary Ajay Kumar tweeted.
Ransomware is a malicious software and the Locky Ransomware is learnt to be demanding ransom of half bitcoin, which at present rate is equivalent to over ₹1.5 lakh.
The alert, issued on Cyber Swachhta Kendra, said it has been reported that a new wave of spam mails is circulating with common subject lines to spread variants of Locky Ransomware.
“Reports indicate that over 23 million messages have been sent in this campaign. The messages contain common subjects like ‘please print’, ‘documents’, ‘photo’, ‘Images’, ‘scans’ and ‘pictures’ However, the subject texts may change in targeted spear phishing campaigns,” the alert, which described severity of the ransomware as “high”, said.
Systems infected by Locky Ransomware get locked or encrypted with random numbers with “extension [dot] lukitus or [dot] diablo6”, the alert stated. The instructions contain installation of “a TOR browser and visiting (dot) onion sites and demanding ransom of .5 Bitcoins”, it added.
To target users, spams showing links to fake dropbox websites is being used to spread Locky variants. “Users are advised to exercise caution while opening e-mails and organisations are advised to deploy anti-spam solutions and update spam block lists,” the alert stated.
May saw a series of cyber attacks involving ransomware WannaCry. “Among more than 100 countries that were hit by WannaCry (an advanced ransomware attack), India was the third—worst affected,” an Assocham PWC report said.