Announcement of 18. October 2016

New version of Locky ransomware in circulation again

G DATA security experts analyse extortion Trojan.

Extortion Trojan Locky caused a sensation among computer users and in the media some eight months ago. Now a new development of the malware is being distributed again. The files it encrypts are given the file ending .ODIN. Malware analysts at G DATA have examined the ransomware more closely and present their results in the SecurityBlog. Users of current G DATA security solutions are protected: the malware investigated is known as Script.Trojan-Downloader.Locky.CQ or Win32.Trojan-Ransom.Locky.CQ.

The analysis by the G DATA security experts can be found in the SecurityBlog.

How can I protect myself?

  • The best protection against ransomware is to perform regular backups. Those must be stored on a medium separate from the system. If you run a backup to an external hard disk, remove it after the backup and ensure that this storage medium is offline unless it is needed. With regular backups you can ensure that you do not lose any data in the event of an actual ransomware infection and can easily restore your system. When doing so, make sure to use a secure medium such as a CD that cannot also become infected.
  • An infection can also be prevented if the user does not log in with his admin account at all times, but sets up a guest account instead. As this account has fewer rights, ransomware cannot penetrate as deeply into the system and, ideally, will not cause any damage.
  • In addition to this, regular updates your operating system should be performed. In this way you can close security holes. The same applies to your browser and any other software installed on your system.
  • Browser protection is also useful for protecting you from dangerous scripts and from accidentally downloading malware.
  • Bogus and fraudulent emails can be made secure while still in your inbox via special security software. That way, such emails are no longer a problem. Antivirus software also detects malware such as Trojans and deletes it.

Media:

Files:

Announcement of 18. October 2016

Contact

G DATA Software AG
G DATA Campus
Königsallee 178
D-44799 Bochum

Phone: +49-234-9762-239
E-Mail: presse@remove-this.gdata.de

Kathrin Beckert-Plewka
Public Relations Manager
Phone: +49 (0) 234 - 9762 507
E-Mail: kathrin.beckert@remove-this.gdata.de

Christian Lueg
Public Relations Manager
Phone: +49 (0) 234 - 9762 160
E-Mail: christian.lueg@remove-this.gdata.de

Dominik Neugebauer
Public Relations Manager
Phone: +49 (0) 234 - 9762 610
E-Mail: dominik.neugebauer@remove-this.gdata.de