A staggering 20 million systems were hit with Locky, a popular strain of ransomware malware, in a single day.

The attack is being pretty smart. It determines the language used on the computer and sends an email in that language. Vietnam has been hit the hardest, along with Colombia, Greece, India, and Turkey. Parts of the files are being randomized, as are the domains used in downloading the malware, which is helping it avoid detection by antivirus software.

The worst part is that this strain of Locky has a single identifier, meaning that there is no decryptor for the locked files. In other words, if you get hit by this epidemic, don’t bother paying the ransom because you’re not getting your files back.

One useful thing to help avoid getting infected is that most of the subject lines of the email sending the infected files follow a pattern, which is “Emailing – [filename]” where [filename] is the name of the attachment. It’s a pretty easy identifier, so remember it and make sure everyone you know knows it too, because as widespread as it is, it’s sure to hit the US before long.


Comments are closed.