Threats and IoCs


As you can see, our labs team is still seeing Locky is being distributed in a lot of malspam campaigns.  This is just a brief variant update.  When infected with the ransomware, system files are now encrypted with extension .Ykcol (locky backwards) OTX updated: https://otx.alienvault.com/pulse/598b06a8104ee74f496a4691/ Example of .Ykcol variant being distributed by Necurs botnet:...

Read More