– The “Locky” Ransomware – 
What you need to know and be aware of

The Locky Ransomware has not only become the most active Ransomware out there but also is the latest risk to your files. It’s a windows infection that came out at the start of 2016 and without a doubt infects versions as new as Windows 10, even with your anti-virus installed.

If you become unlucky enough to get this, your files become encrypted and then you will be shown a screen usually on your desktop wallpaper with a ransom to pay an amount of bitcoins on the dark web for a decryption key to be sent to you, with what sounds like a way out of this hell.

At the moment there are no free tools to decrypt these locked files and we advise against paying the ransom. Remember, it’ll be down to the crooks whether they want to give you the decryption key even after you paid. They cannot be traced.

The ransom asked varies from anything between 0.5 BTC to 1.5 BTC which is around £260 on average

The message you may see on your computers wallpaper.

How does “Locky” get on my computer?

Well this is one that catches the majority of people out, the most common ways to communicate now aside to social networking is emails. Now, you may have already been close to this infection where they cleverly add this through emails which pretend to be an invoice from what looks like a reputable or trusted company, if you’re in business and receive many emails containing invoices daily then this I am sure will catch you out sooner or later unless your one step ahead.

The example shown here is from one of our customers that shows an attachment for an order that was apparently placed that’s been shipped, from FedEx (This is masked, and is NOT from FedEx)

If you were curious to open this .zip file, inside you will most likely see a word document which may ask you to enable macros or run a JavaScript file, doing so will start the infection that locks up your files.

You can also get infected by Locky when visiting a hacked website; this is why it’s always important to seek advice from us if you suspect something is not right. Always remember to try and keep your Windows system installed to its latest version and updates including all programs as a hacked website tries to exploit programs which are vulnerable, then as you guessed use that vulnerability to infect.

I would love to end there on how it spreads but once it’s on your PC it has the strong ability to encrypt files over your network!

Conclusion on prevention

• Always be vigilant on emails you receive and what they contain. Just because it looks like from a trusted source it may not be!
• Keep your windows operating system up-to date including all programs / apps to avoid security breaches
• If you have a small or large network we recommend to review all shares and ensure the folders / files have the correct permissions set.
• There is software available if you wanted to view a document without actually opening them the program required, provided free by Microsoft – Microsoft Free Document Viewers

Always, Always, Always backup your files on a regular basis and try to keep a copy either on a cloud or somewhere off-site.  We recommend Dropbox as a cloud storage, giving you 2GB of space for free – Get Dropbox

Here at MODXPC Repairs we do not just offer a professional service to all desktop and computer repairs in Romford and surrounding areas but provide free advice and tips on how to avoid such issues like above.

We hope this helps save you from this nightmare!