Security experts warn local computer users to guard against data in their computer being held hostage by a new ransomware named Locky.
After being introduced to a computer, Locky locks files. The user would no longer be able to access the locked files unless they pay a ‘ransom’.
Locky, which is rampant around the world, was first spotted in Hong Kong two months ago. A total of 41 Locky attacks have been reported to the Hong Kong Productivity Council (生產力促進局) since mid-February.
Most victims are small and medium-sized enterprises. But teachers are falling victim too, with 10 schools confirming infections of their PCs. Most victims cite lost files, such as worksheets, exam apers and student records. Other Locky damages included schools websites being defaced and files on servers and USB flash drives being encrypted.
Locky usually targets Internet Explorer users. They are often sent via e-mail with document attachments disguised as invoices or payment vouchers. Once downloaded, Locky scrambles and encrypts files, including videos and images. All encrypted files with a ‘.locky’ extension can no longer be opened.
Victims usually find out about the damage when their desktop wallpaper changes into a ransom note demanding payment in bitcoins for a ‘decrypter’ that can unlock the files. One bitcoin is worth about HK$ 3,300.
Apart from not opening e-mails of unknown or suspicious origin, computer experts also advised users to often back up files as a defence.
(This article is published on Junior Standard on 15 April 2016)
Productivity Council security alert
What is ransomware