Are you getting any email with a word file as an attachment of a sales invoice? Beware! If you are going to open it, it can hack your Windows OS, encrypting every file of your system and changing the extension to .Lockey.
Yes, you read it right, a new ransomware is spreading very fast on internet, and if you opened that word file or if you see files with an extension .locky on your machine, you have already affected by the virus and now you have only two options, either to format your machine and re-install the Windows and building your PC again or pay the ransom to the hackers!
For your information, Ransomware is a new way of hacking your machine, where the hackers apply different techniques and let you run any file on your PC which ends in locking all the files on your machine.
The “Locky” ransomware (or virus) is the same way of hacking, which lets you open the Microsoft Word file, which executes the macro on your PC changing extension of all the files on your machine after encrypting them. According to initial reports, the “locky” ransomware is hacking some 4000 machines per hours i.e. 100,000 new machines are being hacked on daily basis.
How does this Ransomware aka Locky Works?
As we discussed above, it all starts with an email having a word file attached. When you download the file and open it, it asks to enable macros and as soon as you enable the macros, it downloads an executable and runs it on your machine.
The most dangerous part is that it not only starts encrypting the files and replaces them with .locky extension on your machine but also targets your network, leaving you and everyone on the network vulnerable.
But the worst part is yet to come. The Locky ransomware has ability to encrypt your backups saved on network which means restoring your PC is not easy if you have not saved the backup on any third-party storage media.
How to recover from Locky Ransomware?
If you are unfortunately already suffering from this virus, you will see a message like shown in the image below. Which explains you are hacked and all your files have been encrypted and if you want to get the decryption key you will have to pay up-to 2 Bitcoins (some $800) to get the key and remove the encryption from all your files.
How fast the Virus is Impacting?
BleepingComputer’s researchers Kevin Beaumont and Larry Abrahms discovered this virus come ransomware and shared some stats of this virus’ spread-out as well. In a blog post, they claimed only in three days this will become a major cyber-security issue for the Windows PCs by affecting quarter of Million PCs.
Until now Germany, Netherlands, Croatia, Argentina, United States, Saudi Arabia, Mexico, Serbia and Poland are the countries being affected mostly by the virus.
So make sure if you are getting any such email, don’t open it and delete it from your PC as soon as possible.