12 Sep Lukitus Ransomware
Lukitus is an updated variant of a ransomware-type virus called Locky. During encryption the virus renames encrypted files using the “32_random_letters_and_digits].lukitus” pattern.
The desktop wallpaper and HTML file contain identical ransom-demand messages stating that files are encrypted and can only be restored via a specific decryption program using a unique key. Unfortunately, this information is accurate. As mentioned above, Lukitus uses RSA and AES cryptographies and, therefore, unique decryption keys are generated for each victim
How did ransomware infect my computer?
Although Lukitus is distributed via spam emails, cyber criminals often proliferate similar malware using fake software updaters, trojans, and third party software download sources (freeware download websites, free file hosting websites, peer-to-peer networks, etc.) In this case, Lukitus is delivered in a compressed .rar file, however, spam emails often contain JavaScript, MS Office documents, and other similar files designed to download/install malware. Fake software updates exploit outdated software bugs/flaws to infect the system. Third party software download sources often proliferate malicious executable by presenting them as legitimate software.
No Comments