At the beginning of September 2017, cybercriminals began a new ransomware campaign that employed two unique variants: Locky and FakeGlobe. This new approach is the first of its kind, not because of the specific variants used, but because it deploys them in rotation through a single spam email. Let’s take a deeper look at this current campaign and highlight what makes it so dangerous.
The Locky/FakeGlobe combination was discovered by experts at Trend Micro, who noted that the US, Japan and China were the most affected. In fact, they noted that these three countries combined for 44% of the spam emails that were blocked on both the first and second campaigns. With this level of targeting on markets that are so critical for our customers, we’ve taken note, for sure.
As for the actual ransomware payloads being delivered, Locky is an infamous variant that emerged in early in 2016 and has been rearing its ugly head ever since, while FakeGlobe is relatively new. The catch is, since they are deployed in rotation, one hour the payload may be Locky and the next hour it may be FakeGlobe. The danger of this ransomware lies in potential reinfection. Each variant has the ability to encrypt your files separately, which could result in the need for double payments to decrypt them.
But don’t you worry, we can guide you to safety from ransomware in rotation, and any other form of ransomware for that matter. From educating your users early and often to deploying cutting edge threat containment solutions, your company can benefit from a multi-layered, comprehensive protection strategy. In the following infographic, we explore these security solutions in easy-to-understand detail, so that you can see what Veristor has to offer and how we can help you take out ransomware threats before they even get in.
To learn more on battening the hatches against ransomware check out this article: A Multi-layered Cybersecurity Approach to Ransomware Protection
Download the PDF Here.