A new ransomware named “Locky” is currently circulating in the wild and making headlines. Several good reports on Locky ransomware are already available on the Internet. This blog post focuses on some technical areas that (we believe) have not been covered yet, namely its domain generation algorithm, command and control communication, and file encryption.
Based on Harry71’s Onion Spider, the Locky decryptor page became available on February 6, 2016, which may indicate the start of Locky’s operation.
The ransomware is capable of serving ransom notes in different languages.
According to Fortinet, the actors behind Locky are believed to be experienced cybercriminals.