Bhubaneswar: As a preventive measure against possible threats of Locky ransomware, after the Centre sounded an alert on the deadly virus earlier this month, the cyber cell of Odisha Crime Branch on Saturday issued an advisory asking users to upgrade their cyber security and follow guidelines for safekeeping of their digital platforms from the deadly virus.
Urging users not to open any emails with attachments from anonymous senders or untrusted sources, the crime branch said the malware is distributed through a new file extension called “.diablo6” with extension “.Lukitus” to encrypt files.
Highlighting the features of the ransomware, the advisory said the virus spreads with the help of spam emails containing malicious ZIP attachments. These ZIP file attachments contain Visual Basic Scripts (VBS) embedded in a secondary ZIP file. The VBS file contains a downloader leading to the domain “greatesthits[dot]mygoldmusic[dot]com”, it said.
The spam mail messages generally contain common subjects “please print”, “documents”, “photo”, “images”, “scans” and “pictures”, enticing users to click on these files. Once opened, a variant of Locky ransomware gets downloaded automatically onto the computer, and the desktop background changes and shows an HTM file named “Lukitus[dot]htm”. Users are then asked to pay a ransom of 0.5 Bitcoin, which is equivalent to Rs 1.5 lakh, the advisory said, adding that if someone falls victim to the virus then they are instructed to install the Onion Router Network (TOR) browser, which takes users to a decryption service.
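For mail administrators, the delivery pattern described above (a lure subject plus a VBS file inside a ZIP inside a ZIP) can be checked at the gateway. The sketch below is an added example, not part of the advisory; the function names, the recursion bound and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email.message import EmailMessage

# Subject lines quoted in the advisory.
LURE_SUBJECTS = {"please print", "documents", "photo", "images", "scans", "pictures"}
MAX_DEPTH = 3  # assumed recursion bound (not from the advisory)

def find_vbs(zip_bytes, depth=0, prefix=""):
    """Return (path, depth) for every .vbs member, descending into nested ZIPs."""
    hits = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(zip_bytes))
    except zipfile.BadZipFile:
        return hits
    with zf:
        for info in zf.infolist():
            path, lower = prefix + info.filename, info.filename.lower()
            if lower.endswith(".vbs"):
                hits.append((path, depth))
            elif lower.endswith(".zip") and depth < MAX_DEPTH:
                hits += find_vbs(zf.read(info), depth + 1, path + "!")
    return hits

def triage(msg):
    """Return the reasons a message matches the delivery pattern in the advisory."""
    subject = (msg["Subject"] or "").strip().lower()
    reasons = ["lure subject: " + subject] if subject in LURE_SUBJECTS else []
    for part in msg.iter_attachments():
        fname = part.get_filename() or ""
        if fname.lower().endswith(".zip"):
            for path, depth in find_vbs(part.get_payload(decode=True)):
                reasons.append(f"VBS at ZIP depth {depth} in {fname}: {path}")
    return reasons

def make_zip(name, data):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr(name, data)
    return buf.getvalue()

def build_sample(subject="Scans", member="scan_001.vbs"):
    """Constructed message: harmless placeholder file inside a ZIP inside a ZIP."""
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content("see attached")
    outer = make_zip("inner.zip", make_zip(member, "' constructed placeholder"))
    msg.add_attachment(outer, maintype="application", subtype="zip", filename="scan_001.zip")
    return msg
```

A message that returns a non-empty list from `triage` is a candidate for quarantine; a depth of 1 or more means the script sat inside a secondary ZIP, as the advisory describes.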
Besides, the crime branch has also laid down some general preventive guidelines, which are as follows:
- Avoid opening attachments or suspicious links from untrusted emails.
- Keep anti-virus up to date to avoid other infections that may allow the ransomware to enter the system.
- Disable macros in Microsoft Office products.
- Keep third-party applications of the operating system like MS Office, browsers or browser plugins up to date with the latest patches.
- Follow safe practices when browsing the web. Ensure the web browsers are adequately secured with appropriate content controls.
- Regularly back up important data.