Cisco Blogs
Share

Player 1 Limps Back Into the Ring – Hello again, Locky!


June 21, 2017 - 0 Comments

This post was authored by Alex Chiu, Warren Mercer, and Jaeson SchultzSean Baird and Matthew Molyett contributed to this post.

Back in May, the Necurs spam botnet jettisoned Locky ransomware in favor of the new Jaff ransomware variant. However, earlier this month Kaspersky discovered a vulnerability within Jaff which allowed them to create a decryptor. This turn of events seems to have caused the miscreants behind Necurs to scramble to distribute a different ransomware payload. Falling back on their old tricks, they have selected to re-distribute Locky ransomware. The malware is being transmitted via email using an .exe file encapsulated within two compressed .zip archives.

Read more »



Tags:

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.