‘Locky’ Ransomware is Back Again : Ykcol and Asasin Ransomware Variants

List of frequently blacklisted Mobile apps by Enterprises around world
October 6, 2017
Wifi WPA2 Security Cracked: ” KRACK ” attack puts nearly every Android and Apple device at risk
October 17, 2017
List of frequently blacklisted Mobile apps by Enterprises around world
October 6, 2017
Wifi WPA2 Security Cracked: ” KRACK ” attack puts nearly every Android and Apple device at risk
October 17, 2017

‘Locky’ Ransomware is Back Again : Ykcol and Asasin Ransomware Variants

Unfortunately, at this time it is still not possible to decrypt .asasin or .ykcol  files encrypted by the Locky Ransomware for free.

Cybercriminals behind the Locky ransomware have revamped the malware’s code three times in 30-day period and blasted out massive spam campaigns. According to researchers at Trustwave, the latest variant of Locky ransomware is called Ykcol (that’s Locky spelled backwards) and was part of a Sept spam blast targeting more than 9 million inboxes within a 6 days. Messages were sent from a notorious Necurs botnet.

Today a new Locky Ransomware variant was released that now uses the .asasin extension for encrypted files.

It is important to note that if you are infected with this ransomware, you are not infected with the Asasin Ransomware, as some sites may call it. You are instead infected by Locky, which is using the .asasin extension. This variant is currently being distributed via spam emails that have a subject line similar to “Document invoice_xxx_return.pdf ” and is being spoofed to appear from legisy companies with the email genuine emails.

There really are not much differences between this variant and the previous ykcol variant. The biggest change is that when this variant encrypts a file it will modify the file name and append the asasin extension. When renaming the file, it uses the format xxx.asasin.

Unfortunately, at this time it is still not possible to decrypt .asasin files encrypted by the Locky Ransomware for free. The only way to recover encrypted files is via a backup. Tier3 can help its customers in protection against such Ransomware threats.

How ever a point to be noted is that since last variant Diablo to Ykcol the cost of ransom dropped from .5 bitcoins to .25 bitcoins or from $2000-$2500 to $1000-$1250.

 

Leave a Reply

‘Locky’ Ransomware is Back Again : Ykcol and Asasin Ransomware Variants
We value your privacy
We use cookies to enhance your browsing experience, serve personalized content, and analyze our traffic. By clicking "Accept All", and by using this website you agree to our Cookies and Data Protection Policy.
Read more