
[!!! Important !!!] Trojan "Locky"

Discussion in 'Lounge' started by the MINION, Feb 23, 2016.

  1. the MINION

    the MINION Im not a MINION, im a yellow Tic Tac Banrighted Warteam Member

    Have you heard of the encryption trojan "Locky"? It encrypts your data and you can not get more of it. It is a virus that hides in the e-mail attachments. Please be careful when opening emails. Meanwhile, there are also Java Attachments that are contaminated.

    Greetz
     
    lifeboy, OTe, Gisbourne and 2 others like this.
  2. OverDoch

    OverDoch Glitch = Autokick

    ransomware
     
  3. Bauer

    Bauer Party Organizer Member Warteam Member

    hmm this is fucking great, so I don't have to clean and delete my porn history/cookies b4 I leave work.

    Where can i get infected?
     
  4. SIPKODAR

    SIPKODAR Ban Evasion hunter. Banrighted Warteam Member

    It works the same way as TeslaCrypt/Cryptowall/CTBLocker. It encrypts all files with popular extensions (doc/rtf/bmp/jpeg, etc.) with a secret key, then it sends this key to the MasterServer (C&C) and displays info about the encrypted files to you. If you pay the ransom, the C&C will send back the key, and the Locker malware will decrypt all files.
     
    Bauer and Gisbourne like this.
  5. Bauer

    Bauer Party Organizer Member Warteam Member

    How much do you want? @SIPKODAR

    I just tried to open my cod4 and it is asking for pw :(
     
  6. OverDoch

    OverDoch Glitch = Autokick

    pass: 1234
     
    the MINION likes this.
  7. Bauer

    Bauer Party Organizer Member Warteam Member

    no, that's my email password! WTF
     
  8. SIPKODAR

    SIPKODAR Ban Evasion hunter. Banrighted Warteam Member

    try PornMachine69 or BAUER_THEBOSSOFWARORGANISING
     
    Bauer likes this.
  9. Bauer

    Bauer Party Organizer Member Warteam Member

    it worked, thanks ^^ :)
     
    Gisbourne likes this.
  10. OverDoch

    OverDoch Glitch = Autokick

    first or second? xD
     
    Gisbourne and CmD like this.
  11. Frozenadict

    Frozenadict Registered

    'Good news is that the history of cracking similar ransomware includes a significant record. That is, the victims may reasonably hope for the data decryption tools to be provided by the white hats in the nearest failure. Meanwhile, IT experts suggest applying general recovery routines.

    Last but not least, the victims shall remove Locky ransomware; the removal, however, shall only complete after satisfactory data recovery has been achieved.

    Automatic removal of Locky ransomware and .locky files restoration [...]

    Unlock .locky files encrypted by Locky virus' - quoted from http://sureshotsoftware.com/guides/locky/
     
  12. Trobon

    Trobon Game Admin Game Admin

    Isn't that advertising?
     
  13. the MINION

    the MINION Im not a MINION, im a yellow Tic Tac Banrighted Warteam Member

    Both :p

    Here in Germany there are some hospitals infected by this virus. I have heard from a colleague that some hospitals save their data by disconnecting their network connections, loool

    I also work in a hospital in the IT department and it's definitely not funny at this time. We block all attachments, but it always comes with new things; since today there are also zip files that are infected.
     
  14. SIPKODAR

    SIPKODAR Ban Evasion hunter. Banrighted Warteam Member


    Zip files alone are not infected, their content (exe,scr,pif) is :)
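
Added example, not part of the original thread: a mail-gateway style check for the point made in the post above, that what matters is what a zip contains. It lists archive members whose final extension is one of those named in the post (exe, scr, pif), following nested zips; the function names, limits and sample archive are assumptions made for this illustration.

```python
import io
import zipfile

# Extensions named in the post above; extend to match local policy.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".pif"}
MAX_DEPTH = 3                         # assumed nesting limit
MAX_MEMBER_BYTES = 20 * 1024 * 1024   # assumed size cap for nested archives


def blocked_members(zip_bytes, depth=0, prefix=""):
    """List members with a blocked final extension, following nested zips.

    Raises ValueError when the archive cannot be fully inspected, so the
    caller can quarantine the attachment instead of delivering it.
    """
    if depth > MAX_DEPTH:
        raise ValueError("archive nesting too deep")
    try:
        archive = zipfile.ZipFile(io.BytesIO(zip_bytes))
    except zipfile.BadZipFile as exc:
        raise ValueError("not a readable zip archive") from exc
    hits = []
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            path = prefix + info.filename
            # Only the last extension counts: "invoice.pdf.exe" is an .exe.
            name = info.filename.lower().rstrip(". ")
            ext = "." + name.rsplit(".", 1)[-1] if "." in name else ""
            if ext in BLOCKED_EXTENSIONS:
                hits.append(path)
            elif ext == ".zip":
                if info.flag_bits & 0x1 or info.file_size > MAX_MEMBER_BYTES:
                    raise ValueError("cannot inspect nested archive: " + path)
                hits += blocked_members(archive.read(info), depth + 1, path + "!")
    return hits


def build_sample():
    """Constructed sample archive; members hold harmless placeholder bytes."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("scan.SCR", b"placeholder")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("readme.txt", b"hello")
        z.writestr("invoice.pdf.exe", b"placeholder")
        z.writestr("more/inner.zip", inner.getvalue())
    return outer.getvalue()
```

Treating a `ValueError` as "quarantine" keeps the check fail-closed for archives it cannot open, such as encrypted or oversized nested zips.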
     
  15. OverDoch

    OverDoch Glitch = Autokick

    any file can be infected, even images
     
  16. SIPKODAR

    SIPKODAR Ban Evasion hunter. Banrighted Warteam Member

    Files can be infected, but somehow the code must be executed. You cannot just copy the malicious code into JPEG and launch it, because it is not gonna work.
     
  17. the MINION

    the MINION Im not a MINION, im a yellow Tic Tac Banrighted Warteam Member

    SOOOOOOOORRRRRRRYYYYYY :p
    Yes, I know, but that was what I meant :) I mean that the infected "locky" files are now sent as zip archives....
     
  18. OverDoch

    OverDoch Glitch = Autokick

    obv xD
     
  19. [jc]VanDamme

    [jc]VanDamme Kickrighted Kickrighted

    Get Comodo security suite, the firewall is good, you can block outgoing programs. Might help here if an unknown program wants to dial out!
     
  20. SIPKODAR

    SIPKODAR Ban Evasion hunter. Banrighted Warteam Member

    Well, 9 of 10 modern malware use the process hollowing technique, so a firewall can be tricked easily :)
     
