Locky Ransomware: Beware of Malicious Emails with JavaScript attachments

Most European countries have been hit by Locky ransomware, a massive email spam campaign carrying malicious JavaScript attachments that install malware unto unsuspecting users PCs. While countries affected with the highest detection rates include: Luxembourg (67%), Czech Republic (60%), Austria (57%), Netherlands (54%) and the UK (51%).

Ransomware is typically a malware that's covertly installed on a computer without the knowledge of the user, and restricts access to the infected system, and demands that the user pay a ransom to the creator to remove the restriction.

It usually comes as an email attachment, with the threat behind these detection designed to download and install different variants of malware to a victim's machine.

And if a user falls for the scam, JS/Danger.ScriptAttachment tries to download some malicious codes, such as Locky, a widespread, malicious program that uses strong encryption to hold users’ files hostage.

ESET, IT security firm, has observed a spike in detection for JS/Danger.ScriptAttachment on May 22, and which exploit peaked on May 25.

Such malicious attachments are usually .zip archive files that contain .js or .jse files inside, and these files can execute directly on Windows without any additional applications.

So users should avoid opening this kind of files, while its advised that both private and corporate internet users should keep their computers and software up to date.
Next Post »