Locky now using the Aesir Extension

Locky still on the loose.

Unfortunately, I got a call from one of my clients they were informed that they have a program that is converting all their files to .AESIR. It turns out that after a little research that this is a recent modification of the Locky Virus. The client is using Vipre and it had no indication the files were corrupted all of the last 10 scans were clean. This not my first ride with this virus but I am going to use this as a another example to stress why version backup of files is important.  This is one of the best methods to protect yourself from this virus. For Home users and Business users there are many solutions our first and simplest is Carbonite so check out our Carbonite Page to start a subscription today or contact us and we can assist you in selecting a solution that is correct for your business. For more information see the summary below and then click on the link for the full article at Bleeping Computer.

Locky AESIR variant being distributed via Fake ISP Complaint Emails

Early this morning, a new Locky campaign was discovered that is spewing out emails that pretend to be an ISP complaint stating that SPAM has been detected coming from the computer. Further testing of the new sample shows that Locky has also changed the extension for encrypted files to .AESIR.

This new extension continues to stay within the Norse god mythology, with the previous variant using the Thor extension.

Unfortunately, at this time there is still no way to decrypt the Locky Ransomware.

Locky AESIR variant being distributed via Fake ISP Complaint Emails

This new Locky campaign is being distributed through emails that pretend to be a complaint from your ISP, which state that SPAM is being sent from your computer.

Source: Locky Ransomware now using the Aesir Extension for Encrypted Files

Tags: cryptolocker, E2 Computers, Locky, Tarpon Springs, Virus