Saturday, March 05, 2016

"Locky Ransonware" spread through MS Word Macros, can encrypt even unmapped network shares

Webroot is reporting (post by Nathan Wyman Feb. 22) a new kind of ransomware, called “Locky Ransomware”, which seems to be transmissible (so far) only through Microsoft Word Macros – so it can be avoided by not opening unknown Word documents.

The malware encrypts (with an “AES” algorithm) all file types, even on network shares, even if unmapped.  That statement would make me wonder about neighboring servers or cloud backups, which are attached, although that sounds hard to believe.

Sean Gallagher has a similar story on Ars Technica Feb. 17 here.

No comments: