Friday, April 19, 2024

Beware!! Dangerous Locky Ransomware Spreading Via Dropbox Link and Compromise Your PC

By Balaji

Nowadays Trending Dangerous Ransomware “Locky” Discovered that used to spreading via Malicious Email Spam campaign with attached malicious JavaScript (.js) that links to fake Dropbox pages.

The Locky Ransomware re-emerging continuously day by day with new email distribution campaign and its has reported by many Security Research Firm and identified as one of the Fastly Spreading Malware Campaign.

Earlier August 2017, Cyber Security Firm Comodo Threat Research Labs Initially Discover the Variant of Locky Ransomware that was spreading via Phishing Email Campaign.

Few days Before  Massive Locky Ransomware Campaign Over 23 Million Messages sent in 24 hours.which makes it one of the biggest malware campaigns in the latter half of 2017.

Currently, Locky Ransomware spreading very fast and causing big Damage in WorldWide.

This Locky Ransomware variant Targeting Google Chrome and Firefox browser users by forcing to update the  HoeflerText  Plugin.

Also Read:  Massive Locky Ransomware Campaign Over 23 Million Messages sent in 24 hours

How Does Locky Ransomware spreading via Fake Dropbox Link

Initially, Users receive a Spam Email Campaign along with a Dropbox link that says to verify the Email Address, that has arrived from Spoofed Email address and emails were botnet-based, and they came from various IP addresses around the world.

Locky Ransomware

When User Click Email Address it Leads to an another Fake Dropbox Site that hosted WITH fake Dropbox pages and it contains the information with a link and “Please click here to download a new verification message.”

Locky Ransomware

According to Brad Duncan who has Discovered this Email Campaign, this Link Doesn’t work when he tried to access via Internet Explorer 11 or Microsoft Edge.

Later it has tested in Chrome and Discovered that they displayed a fake notification “HoeflerText” font was not found and it contains an update button in chrome.

Locky Ransomware

If user Click the Update button, a JavaScript file named Win.JSFontlib09.js will be received.

JavaScript file Designed to Download and install Locky Ransomware into victims computer.

“Users should be aware of this ongoing threat. Be suspicious of popup messages in Google Chrome that state: The ‘HoeflerText’ font wasn’t found. Since this is a RAT, infected users will probably not notice any change in their day-to-day computer use.”

“If the NetSupport Manager RAT is found on your Windows host, it is probably related to a malware infection,” Duncan said.

Managed WAF Protection

Website

Latest articles

Uncategorized

Alert! Windows LPE Zero-day Exploit Advertised on Hacker Forums

A new zero-day Local Privilege Escalation (LPE) exploit has been put up for sale...
Vulnerability

Palo Alto ZeroDay Exploited in The Wild Following PoC Release

Palo Alto Networks has disclosed a critical vulnerability within its PAN-OS operating system, identified...
Cyber Attack

FIN7 Hackers Attacking IT Employees Of Automotive Industry

IT employees in the automotive industry are often targeted by hackers because they have...
Cyber Attack

Russian APT44 – The Most Notorious Cyber Sabotage Group Globally

As Russia's invasion of Ukraine enters its third year, the formidable Sandworm (aka FROZENBARENTS,...
Android

SoumniBot Exploiting Android Manifest Flaws to Evade Detection

A new banker, SoumniBot, has recently been identified. It targets Korean users and is...
cyber security

LeSlipFrancais Data Breach: Customers’ Personal Information Exposed

LeSlipFrancais, the renowned French underwear brand, has confirmed a data breach impacting its customer...
Cisco

Cisco Hypershield: AI-Powered Hyper-Distributed Security for Data Center

Cisco has unveiled its latest innovation, Cisco Hypershield, marking a milestone in cybersecurity.This groundbreaking...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

WAAP/WAF ROI Analysis

Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

    • Book Your Spot

Related Articles

Connect with GBHackers On Security

Join 70,000 Security Professionals

Stay safe online with free daily cybersecurity updates. Sign up now!

GBHackers on security is a highly informative and reliable Cyber Security News platform that provides the latest and most relevant updates on Cyber Security News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily basis. The platform is dedicated to keeping the community well-informed and up-to-date with the constantly evolving Cyber World.

Menu

Contact US:

Email : [email protected]