
‘Locky’ ransomware harnesses the power of Microsoft Word to trick you into paying

Ransomware is a form of malware that’s more annoying than usual, both because it revokes access to your computer and because it then has the nerve to charge you money to reverse the lockout. A new type of ransomware, called Locky, appears to deceive users with methods borrowed from the banking malware Dridex.

In a typical Locky attack, victims are emailed a Microsoft Word document disguised as an invoice, which asks them to run a macro from within the word processor. By default, macros are disabled by Microsoft. If you happen to have enabled them yourself, though, the macro will run from within Word and download Locky to your computer, explained Palo Alto Networks in a blog post earlier this week.
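The delivery step described above depends on the attachment carrying a VBA macro project, which a mail filter or analyst can check for before the file ever reaches Word. The following is an added example, not code from Palo Alto Networks or the original article: the function names and sample attachments are constructed for illustration, and the check is a structural heuristic (OOXML part name, legacy OLE stream name) rather than a full document parser.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")    # Compound File Binary header (.doc/.xls)
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")  # CFB directory entry names are UTF-16LE


def has_vba_macros(data):
    """Heuristically report whether an Office file carries a VBA project."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary format: a VBA project adds a "_VBA_PROJECT" stream.
        return VBA_STREAM in data
    if data.startswith(b"PK"):
        # OOXML container: macros are stored in a part named vbaProject.bin.
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                return any(n.lower().endswith("vbaproject.bin") for n in zf.namelist())
        except zipfile.BadZipFile:
            return False
    return False


def triage(attachments):
    """Return the names of attachments to quarantine, judged by content, not extension."""
    return sorted(name for name, blob in attachments.items() if has_vba_macros(blob))


def make_zip(part_names):
    """Build a minimal in-memory ZIP with the given part names (constructed sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in part_names:
            zf.writestr(name, b"placeholder")
    return buf.getvalue()


# Constructed samples: structural stand-ins, not real documents.
SAMPLES = {
    "invoice_clean.docx": make_zip(["[Content_Types].xml", "word/document.xml"]),
    "invoice_macro.docm": make_zip(["[Content_Types].xml", "word/vbaProject.bin"]),
    "invoice_legacy.doc": OLE_MAGIC + b"\x00" * 504 + VBA_STREAM,
    "report_legacy.doc": OLE_MAGIC + b"\x00" * 504 + "WordDocument".encode("utf-16-le"),
    "notes.txt": b"plain text",
}

if __name__ == "__main__":
    for name in triage(SAMPLES):
        print("quarantine:", name)
```

A hit means only that a macro project is present, not that it is malicious, so flagged files still need review.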

Because of the similarity to a process used by Dridex, many reports assume that the developer behind Locky is affiliated with the developer of the banking malware “due to similar styles of distribution, overlapping file names, and an absence of campaigns from this particularly aggressive affiliate coinciding with the initial emergence of Locky,” Palo Alto stated.

The way ransomware works is that files on the computer are usually encrypted at the user’s expense, literally, as the malicious software will take control of your personal data and then charge a fee for you to regain access.

It appears the coders behind Locky were planning an attack on a colossal scale. In fact, Palo Alto Networks claims to have uncovered 400,000 sessions that take advantage of the Bartallex macro application used by the ransomware in question.

Unlike other ransomware, Locky uses its command-and-control infrastructure to carry out a key exchange in memory prior to file encryption. Notably, PC World states that this could serve as a weak point for the ransomware.

“This is interesting, as most ransomware generates a random encryption key locally on the victim host and then transmits an encrypted copy to attacker infrastructure,” Palo Alto’s post explains. “This also presents an actionable strategy for mitigating this generation of Locky by disrupting associated” command-and-control networks.

Kevin Beaumont, who wrote a Medium post about the ransomware, points out that files affected by a Locky attack are, quite logically, labeled with a “.locky” extension.

Beaumont adds that for those users affected by Locky within an organization, “You will likely have to rebuild their PC from scratch.”


Gabe Carey
Former Digital Trends Contributor
A freelancer for Digital Trends, Gabe Carey has been covering the intersection of video games and technology since he was 16…