Jonas Spieckermann, Watchguard
Artikel vom WatchGuard Security Center:
Last week, a new ransomware variant called Locky began spreading in the wild.
Locky encrypts data on an infected system using AES encryption, and then leaves a blackmail letter (which is localized in several languages) asking for half a bitcoin to get your data back. More disturbingly, it also searches for any network share (not just mapped shares), and encrypts data on those remote shares as well. If you leverage cloud storage solutions, your backup may get infected as well when it synchronizes the encrypted files. Currently, researchers have not found a way to decrypt files Locky has locked.
Figure 1: Example of Locky’s ransom warning.