Locky is the most common variant of ransomware on the internet because it’s easy to deploy and manage. CSO’s Steve Ragan wanted to see how it works, so he took the most hands-on approach possible: He infected his own PC. After finding a particularly obvious attack email in his spam filter, Ragan proclaimed, “I’m about to do something you should never do, which is open this attachment and run the file.”

In less than 55 seconds, his files were encrypted — including the ones on his attached storage — and a message popped up telling him to download the Tor browser (used for accessing the “deep web”) and go to a particular address for further instructions. There, helpful text told him how to get bitcoins, then transfer them to the ransom account.

To read this article in full or to leave a comment, please click here