Locky Launches a More Massive Spam Campaign with New “Lukitus” Variant

August 17, 2017

It has just been a week since the variation of Locky named Diablo6 appeared. Now it has launched another campaign more massive than the previous. This time, it uses “.lukitus”, which means “locking” in Finnish, as the extension for the encrypted files. The FortiGuard Lion Team was the first to discover this variant with the help of Fortinet’s advanced  Kadena Threat Intelligence System [1](KTIS) Fig. 1 Encrypted files with .lukitus extension Fig. 2 Familiar Locky ransom note Same Locky, More Spam This...

Read more...

Previous Article
The Role of E-Rate in Protecting the Digital K-12 Learning Environment
The Role of E-Rate in Protecting the Digital K-12 Learning Environment

The K-12 learning environment has moved beyond the physical walls of the classroom thanks to behavioral shi...

Next Article
Analyzing Android malware using a FortiSandbox
Analyzing Android malware using a FortiSandbox

In this blog post we will analyze a couple of Android malware samples in the Android VM of the FortiSandbox...