New Locky ransomware version can operate in offline mode
Written by Jul 14, 2016, 3:26 pm
No Comment • Related Topics: General
The creators of the widespread Locky ransomware have added a fallback mechanism in the latest version of their program for situations where the malware can’t reach their command-and-control servers.
Security researchers from antivirus vendor Avira have found a new Locky variant that starts encrypting files even when it cannot request a unique encryption key from the attacker’s servers because the computer is offline or a firewall blocks the communication.
Calling home to a server is important for ransomware programs that use public key cryptography. In fact, if they’re unable to report back to a server after they infect a new computer, most such programs don’t start encrypting files.
To read this article in full or to leave a comment, please click here
Source: Security
Leave a Reply