Locky Launches a More Massive Spam Campaign with New “Lukitus” Variant

It has just been a week since the variation of Locky named Diablo6 appeared. Now it has launched another campaign more massive than the previous. This time, it uses “.lukitus”, which means “locking” in Finnish, as the extension for the encrypted files. The FortiGuard Lion Team was the first to discover this variant with the help of Fortinet’s advanced  Kadena Threat Intelligence System 1

Fig. 1 Encrypted files with .lukitus extension

Fig. 2 Familiar Locky ransom note

Same Locky, More Spam

This…

Article Link: https://blog.fortinet.com/2017/08/17/locky-launches-a-more-massive-spam-campaign-with-new-lukitus-variant