Locky is being distributed at mass scale via phishing and spam email attacks by two major botnets; Necurs and BlankSlate. Both are pushing Locky with the two new known variants; Diablo6 and Lukitus. When infected with the ransomware, systems file will be encrypted with extension .diablo6 or .lukitus,respectively. OTX updated: https://otx.alienvault.com/pulse/598b06a8104ee74f496a4691/ Example of .lukitus variant being distributed by Necurs botnet: Example of lukitus variant being distributed by blankslate botnet. It is referred to as......
Read More
Locky DIABLO6 Ransomware Campaign Launched – IoCs and OTX
Locky IoCs extracted by our security operations center. Public Pulse | TLP: White | encrypts with extension .DIABLO6 OTX...
Read MoreGlobe Imposter Ransomware – IoCs and OTX
Glob Imposter IoCs extracted by our security operations center. Public Pulse | TLP: White | Encrypt filesystem with extension...
Read MoreAutomated PhishTank IoCs and OTX feed – Verified/Online Banking Phishing URLs
This is an automated process that is updated hourly by the Vertek MTI Labs Team. We pull all active/online...
Read MoreAutomated PhishTank IoCs and OTX feed – Verified/Online GoogleDocs Phishing URLs
This is an automated process that is updated hourly by the Vertek MTI Labs Team. We pull all active/online...
Read More