It has just been a week since the variation of Locky named Diablo6 appeared. Now it has launched another campaign more massive than the previous. This time, it uses “.lukitus”, which means “locking” in Finnish, as the extension for the encrypted files. The FortiGuard Lion Team was the first to discover this variant with the help of Fortinet’s advanced Kadena Threat Intelligence System 1
Fig. 1 Encrypted files with .lukitus extension
Fig. 2 Familiar Locky ransom note
Same Locky, More Spam
This…
Article Link: https://blog.fortinet.com/2017/08/17/locky-launches-a-more-massive-spam-campaign-with-new-lukitus-variant