Locky ransomware adds anti sandbox feature (updated)

By Marcelo Rivero and Jérôme Segura

The Locky ransomware has been very active since its return, which we documented in a previous blog post. Several different Locky campaigns are running at the same time, the largest being the one from affiliate ID 3, which comes with a malicious ZIP containing .VBS or .JS attachments. Malwarebytes researcher Marcelo Rivero discovered that Locky's affiliate ID 5 employs a trick, previously documented with the Dridex Trojan [1], to bypass automated analysis done via sandboxes.

Read full news article on Malwarebytes Unpacked

 

