Digital Trends
Computing

‘Locky’ ransomware harnesses the power of Microsoft Word to trick you into paying

Gabe Carey
By

How to get Microsoft Office for free
guteksk7/Shutterstock
Ransomware is a form of malware that’s more annoying than usual both because it revokes access to your computer, and because it then has the nerve to charge you money in order to reverse the lockout. A new type of ransomware, called Locky, appears to deceive users by taking after banking software Dridex.

In a typical Locky attack, victims are emailed a Microsoft Word document disguised as an invoice that requires that a macro app be executed from within the word processor. By default, macros are disabled by Microsoft. If you happen to have enabled them yourself, though, a macro will open from within Word and download Locky to your computer, explained Palo Alto Networks in a blog post earlier this week.

Because of the similarity to a process used by Dridex, many reports are assuming that the developer behind Locky bears some affiliation with the banking software developer “due to similar styles of distribution, overlapping file names, and an absence of campaigns from this particularly aggressive affiliate coinciding with the initial emergence of Locky,” Palo Alto stated.

The way ransomware works is that files on the computer are usually encrypted at the user’s expense, literally, as the malicious software will take control of your personal data and then charge a fee for you to regain access.

It appears the coders behind Locky were planning an attack on a colossal scale. In fact, Palo Alto Networks claims to have uncovered 400,000 sessions that take advantage of the Bartallex macro application used by the ransomware in question.

Unlike other ransomware, Locky’s command-and-control infrastructure tries to employ a key exchange in memory prior to file encryption. Notably, PC World states that this could serve as a weak point for the ransomware.

“This is interesting, as most ransomware generates a random encryption key locally on the victim host and then transmits an encrypted copy to attacker infrastructure,” Palo Alto’s post explains. “This also presents an actionable strategy for mitigating this generation of Locky by disrupting associated” command-and-control networks.

Kevin Beaumont, who wrote a Medium post about the ransomware, points out that files affected by a Locky attack are, quite logically, labeled with a “.locky” extension.

Beaumont adds that for those users affected by Locky within an organization, “You will likely have to rebuild their PC from scratch.

Editors' Recommendations

Don't Miss

Awesome Tech You Can’t Buy Yet: Booze-filled ski poles and crypto piggy banks
Up Next

Peter Diamandis' XPRIZE to award the brightest advancement in AI with $5 million
Riva Concert Review
Product Review

Step aside, Sonos: Riva's Concert is the best smart speaker you can buy

The Riva Concert series speaker is a fantastic, small-profile smart speaker with Alexa integration, truly excellent sound, and great looks, making it the perfect addition to your kitchen, living room, or bedroom.
Posted By Parker Hall
how to change your mouse cursor pointer mousecusor02
Computing

Change your mouse cursor in Windows with these quick tips

The standard mouse cursor is boring, so change it! With this guide on how to change your mouse cursor in Windows, you can choose to use one of Microsoft's pre-installed cursors or download something a bit more extravagant.
Posted By Jon Martindale
hob now arrives xbox one microsoft review macro logo 2 1500x1000
Gaming

Want to share your Xbox One games? Here's how to do it

Sharing games on modern consoles is possible, but it takes a few steps. Here's how to start sharing games on your Xbox One console, so friends and family can easily access your library.
Posted By Gabe Gurwin
best hp laptops chromebook 13
Computing

Here’s how to install Windows on a Chromebook

If you want to push the functionality of your new Chromebook to another level, and Linux isn't really your deal, you can try installing Windows on a Chromebook. Here's how to do so, just in case you're looking to nab some Windows-only…
Posted By Tyler Lacoma
BenQ PD3200U review
Computing

Need a monitor for professional photo-editing? These are the very best

Looking for the best monitor for photo editing? You'll need to factor in brightness, color accuracy, color gamut support and more. Fortunately, we've rounded up the best ones for you, to help you make an educated purchase.
Posted By Jon Martindale
BenQ EX3200R logo
Computing

HDR monitors are beginning to have an impact. Here are the best you can buy

HDR isn't the most common of PC monitor features and is often charged at a premium, but the list of available options is growing. These are the best HDR monitors you can buy right now.
Posted By Matthew S. Smith
heatmine cryptomining heaters heater 6473a
Computing

Canada’s winters inspired a startup to warm homes with cryptomining heat waste

Cryptomining may be the key to untold riches and the future of currency, but it’s also an environmental nightmare. Heatmine, thinks it has the answer, but it could mean bolting a mining rig onto every home and business in the country.
Posted By Simon Cohen
Tablet And stylus stock photo
Computing

You’ll soon be able to scribble all over PDFs on your Chromebook

Chrome OS users may soon be able to doodle all over their PDF documents with the possible addition of a new feature in Chrome OS' PDF viewer. The annotation feature is expected to allow users to hand draw or write over their documents.
Posted By Anita George
msi oculus vr rift collaboration backpack pc on matt back2
Virtual Reality

Oculus Rift vs. HTC Vive: Prices drop, but our favorite stays the same

The Oculus Rift and HTC Vive are the two big names in the virtual reality arena, but most people can only afford one. Our comparison tells you which is best when you pit the Oculus Rift vs. HTC Vive.
Posted By Jon Martindale
Windows 95 Tweet Screenshot
Computing

Microsoft’s Windows 95 throwback was just an ugly sweater giveaway

Microsoft's "softwear" announcement wasn't what we had hoped for. Thursday's announcement was not the new line of wearable tech or SkiFree monster sweater we wished for. But it did deliver the 90s nostalgia we wanted.
Posted By Anita George
Home Theater

Confused about LED vs. LCD TVs? Here's everything you need to know

Our LED vs. LCD TV buying guide explains why these two common types of displays are fundamentally connected, how they differ, what to look for in buying an LED TV, and what's on the horizon for TVs.
Posted By Ryan Waniata, Kris Wouk
best cheap macbook deals 3
Deals

The best MacBook deals for December 2018

If you’re in the market for a new Apple laptop, let us make your work a little easier: We hunted down the best up-to-date MacBook deals available online right now from various retailers.
Posted By Lucas Coll
apple airpods siri
Computing

How to connect AirPods to your MacBook

If you have new AirPods, you may be looking forward to pairing them with your MacBook. Our guide will show you exactly how to connect AirPods to MacBook, what to do if they are already paired with a device, and more.
Posted By Tyler Lacoma
windows10 check for updates windows
Computing

Hitting ‘Check for updates’ in Windows 10 opts you into beta releases

Users who are careful about keeping their system updated should watch out -- Microsoft revealed this week that clicking the Check for updates button in Windows can opt you in to testing beta code.
Posted By Georgina Torbet