A Word document can lock all files in your PC. Lately discovered ransomware Locky which is being spread via email encrypts all your files and demands a hefty ransom against the decryption code. First discovered by PhishMe security researchers, this ransomware has already attacked almost half a million PCs and still counting. Stats say that it is one of the major hacking incidents happened in recent times.
Hackers are sending this malicious Microsoft Word document in a convincing email which apparently is leading users to believe and click it. As soon as you open the document, this Macro malware, enables Macro on your Windows PC and installs the ransomware thereby encrypting all your files.
Locky ransomware encrypts Office files
This is not limited to Office files on your disk; it includes all files saved in your PC directories. Locky also encrypts the files in any of your removable storage drives plugged into the PC, at the time of ransomware installation.
Moreover, this ransomware infects the PCs connected via network sharing, regardless of the operating systems. The Locky ransomware reportedly encrypts your Bitcoin wallets as well, so as to compel users to pay the ransom.
It is a very well planned hacking episode where the malicious document is being spread via Outlook or Microsoft 365 and is also translated into many different languages.
Kavin Beaumont, the UK-based security researcher called it a masterpiece of criminality and said in his Medium post,
“Traffic today has varied between 1 new endpoint each second, to up to 5 per second. I estimate by the end of the day well over 100,000 new endpoints will be infected with Locky, making this a genuine major cybersecurity incident — 3 days in, approximately a quarter of million PCs will be infected”.
Most of the anti-virus software fail to detect this ransomware thus, think twice before clicking on any such attachment, even if you are using the best antivirus software on your PC. If you, unfortunately, fall into the trap, rebuilding your PC and paying the ransom is all you can do.
Be careful and stay safe. Read more about it on Microsoft TechNet.