Latest Locky Variant Encrypts with Ykcol Extension – IoCs and OTX
by Vertek Labs
As you can see, our labs team is still seeing Locky is being distributed in a lot of malspam campaigns. This is just a brief variant update. When infected with the ransomware, system files are now encrypted with extension .Ykcol (locky backwards)
OTX updated: https://otx.alienvault.com/pulse/598b06a8104ee74f496a4691/
Example of .Ykcol variant being distributed by Necurs botnet:
Recommended Posts
The “Left of Boom”
April 16, 2024
Case Study: Vertek’s USM Anywhere MDR Helps Larger Auto Dealership in the Northeast Improve Cybersecurity Posture
January 29, 2024
The Top Cybersecurity Predictions for 2024
December 12, 2023