Mail detected with vb script that distributes locky

In recent weeks, Locky ransomware has once again made a hidden appearance on a fake Amazon invoice. Now, a group of security experts has discovered the sending of emails containing VB script. Downloading and executing them allows Locky to enter our computer.

Detected an email with VB script distributed by Locky

VB scripts are compressed into.7z files. Opening them reveals the script and this allows the Locky installer to be downloaded. It is a threat that has been around for a while, but there are still users who become victims. Although the operation of this ransomware is already well known.

Locky attacks again

The content of the messages is being more varied this time, although it seems that they are betting again on sending an invoice. Although, users should check the email address, because it is not usually from a known business. So it should be enough to mistrust this message. Again this is a spam campaign, the third in just over two months.

Email services should be able to detect spam and block it directly. Although, it seems that not in all cases it is so. So Locky can sneak into your computer. Making it manage to take control of the users' computer.

In the event that something like this happens, in the case of Locky it is recommended never to pay the amount demanded. Since despite the payment being made, there is no guarantee that you will recover your files. The way to regain access to your files is to format your computer or restore the previous state of the system.