New Locky Variant Functions Offline

The latest version of the well known ransomware, Locky, is now able to function offline…

Most ransomware variants need to “talk” to their command center to actually encrypt your files.  They use public key cryptography from their command center and if this is unavailable, the encryption process typically does not move forward.  This is the primary reason why computers are taken offline once they notice suspicious activity.

Unfortunately, with this new variant, taking the PC offline isn’t going to stop the encryption process.  According to KnowBe4, the only silver lining here is that once one person pays the ransom and gets the public encryption key, it will work for all other offline attacked victims.  However, this requires someone to pay the ransom first, which we DO NOT encourage.  If you ever find yourself the victim of ransomware, we encourage you to take the following five steps:

  1. Do not pay the ransom – If you do, you’re just giving the hackers a reason to keep hacking.  Use your back up files to restore your systems.  Again, don’t pay!!
  2. Inform the FBI – By informing the FBI they can investigate to potentially bring legal action against the hacker.  All cyber criminal activity should be reported to the federal IC3 agency.  You can file a complaint with them here.
  3. Notify your current security software company – You also MUST inform your security software company.  If they didn’t know they missed a malicious attack, they cannot stop it in the future.  Also, many anti-virus software companies share their blacklist, or the list of known bad files.  So by sharing it with your software company, they then share it with others; saving thousands of people from falling victim to the same attack that just got you.
  4. Educate yourselves and your employees – Many times we attend one training, or listen to one webinar and consider ourselves educated on the matter.  This cannot be further from the truth.  Continued education on current cyber security threats is imperative.  We recommend our friends at KnowBe4 for both personal and enterprise training on cyber security.  As always, all PC Matic home security subscribers are offered a free cyber security training through KnowBe4 as well.
  5. Reevaluate your security software protection – If your security software failed you, perhaps you should look for an alternative security option.  The United States Computer Emergency Readiness Team (US-CERT) strongly advises using a whitelist security technology.  For personal uses, PC Matic home protection offers superior protection with advanced whitelisting technology.  For enterprise use, there is PC Matic Pro (previously known as Tech Sentry), which offers advanced security protection with proprietary whitelisting technology.
(Visited 30 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *