Locky Ransomware is not lucky. Locky is a type of ransomware that is dispersed through malicious doc. files . These doc files are affixed to spam email messages that contains muddled up text which appeared like macros. Macros is a succession of commands and instructions that you bundle up together as a single command to execute a task automatically. When the user enables the macro settings on their word program an executable file ( the ransomware is now downloaded. This will now encrypt an assortment of files. Your files will be renamed so that they have the extension .locky attached to them. It will now muddle all your important files. Only these cyber criminals have the decryption key. The decryption key can be bought from these thieves through the dark web. They will most probably charge you $400.
You can get this kind of ransomware in these ways:
1. The email you receive has an attached document ( Troj/DocDl-BCF ).
2. The language is very complicated and hard to understand,.
3. If you allow this set-up, the text coding will not be corrected. What will happen that the code will run the document. The file will be saved in a disk and then it will run it.
4. The saved file is known as ( Troj/Ransom - CGX ). It’s actually a downloader , which will retrieve the final payload from these cyber thieves.
5. The final payload is the Locky Ransomware ( Troj/Ransom-CGW ).
Locky Ransomware muddles all types of files that will resemble a lot of extensions. It becomes really complicated because this will include your videos, images, source codes and your office files. It will also scramble up your bitcoin wallet file wallet.dat. This is if you have one. Locky also erases your Volume Snapshot Service f iles. Once Locky hits you, it will show a message on what you should do.It will muddle up all your files in any of your directories. If you are connected to any removable drives at that time, even the files on these drives will be muddled.
It is important to backup your files constantly. Do not just open emails. If you are not sure who the sender is delete it. Keep your macros in document attachments disabled. Always be aware of updated patches.