You heard it right, Locky, the most popular ransomware out there, have launched new variant to the wild.
The new ransomware versions released perform slender, yet very interesting, changes that may affect the way they are being detected.
The ever changing Locky ransomware has just released a new variant which implements new evasion techniques and adjusted ransom tariff.
Researchers at Check Point suspected the man behind Locky probably wished to evade security products that already had “signatures” available for the previous versions.
As in all previous releases, Locky changed the encrypted files extension; this time it has changed to *.zzzzz.
Researchers at Check Point claimed one more behavior change for Locky. This variant demands extortion according to “class and creed” of file and the user.
As in the previous versions, Locky was following a default extortion of 3 Bitcoins.
Now the payment amount may change keeping some factor in mind like the victim’s characteristics, especially number of encrypted files. The lowest amount that has been demanded in labs was 0.5 Bitcoin as claimed by Check Point.