Contact Us

 1300 377 172

   08 7078 0313

 Location

286 Glen Osmond Road

Fullarton SA 5063

Australia

10
March
2016

Digital Security Update - March 2016 UPDATED

Locky Special Edition (updated 15th March)

Evolution of Ransomware

Locky on the Rampage...

No, this isn't a post about a monster of the deep in Scotland, although that would be pretty exciting.  This is far more sinister.

It's being widely reported across IT security sites that the latest Ransomware out of Russia is highly active, with around 3 million incidents already reported and no sign of it slowing down.  At present, Australia hasn't been specifically targeted but it's only a matter of time before this happens.

(UPDATE: 15-03-16. Locky is now being distrubuted in Australia. It's attached to a faked email from Australia Post. Do not open any attachment in emails from Australia Post. Australia Post have stated they will never send an email asking the recipient to open attachments.)

Currently Locky is spread as a macro enabled Word doc attached to an email, and, more recently, as an obfuscated Javascript file within a zip which is masquerading as a scanned document.

Double clicking on the Javascript is likely to launch your web browser which will result in your computer being infected.  Many anti-malware applications won't be able to detect and prevent this infection mechanism.

More information can be found here: http://bit.ly/1py5B1M

Fore the more technical, an explanation of how the malware operates can be found here: http://intel.ly/1UTCjXj

To prevent infection via the Javascript file, you can associate '.js' files with an application that won't cause them to run in your browser.  The simplest is a text editor which means that when you double click the file, its contents will be displayed rather than it automatically executing and potentially costing you huundreds of dollars.

To change the default program associated with Javascript, open Control Panel then type 'default' in the search box.

Click on the Default Programs option

default program search

Click Associate a file type or protocol with a program

associate file type

Scroll down to the '.js' entry then click the Change Program button.  You'll be able to select the 'default' program from a list of programs.

Select Notepad.exe or your favourite text editor.  Click the Close button and you're done.

set associations

Categories: Managed Services

Leave a comment

You are commenting as guest.

DNG Technology

286 Glen Osmond Road
Fullarton SA 5063

Phone: +61 1300 377 172

Fax: +61 8 7078 0313

info@dngtech.com.au

Register for the DNG Newsletter