Latest Locky Variant Encrypts with Ykcol Extension – IoCs and OTX

by Vertek Labs
As you can see, our labs team is still seeing Locky is being distributed in a lot of malspam campaigns. This is just a brief variant update. When infected with the ransomware, system files are now encrypted with extension .Ykcol (locky backwards)
OTX updated: https://otx.alienvault.com/pulse/598b06a8104ee74f496a4691/
Example of .Ykcol variant being distributed by Necurs botnet:
Recommended Posts
How to Detect and Prevent Ransomware Attacks
November 22, 2023

Vertek Fully Managed Halcyon + FlexMDR
November 14, 2023