‘Locky’ ransomware, which infects like Dridex, hits the unlucky

A new flavor of ransomware, similar in its mode of attack to the notorious banking software Dridex, is causing havoc with some users.

Victims are usually sent via email a Microsoft Word document purporting to be an invoice that requires a macro, or a small application that does some function.

Macros are disabled by default by Microsoft due to the security dangers. Users who encounter a macro see a warning if a document contains one.

If macros are enabled, the document will run the macro and download Locky to a computer, wrote Palo Alto Networks in a blog post on Tuesday. The same technique is used by Dridex, a banking trojan that steals online account credentials.

To read this article in full or to leave a comment, please click here

Read more: ‘Locky’ ransomware, which infects like Dridex, hits the unlucky

Story added 17. February 2016, content source with full text you can find at link above.