Locky Bringing the Malware Volume Back Up
Earlier this year, we had a lull in malware traffic for about three weeks after the Necurs botnet quite suddenly stopped sending out junk. History repeated itself on October 6th, when we experienced another drop in malware traffic. Today, that dive in traffic might be over, ending this streak. The Locky malware kicked into high gear again this morning, dishing out around 14 million virus emails so far.
After encryption, I found an HTML file on the desktop with the ransom note and received an image popup with information on how to pay the ransom using Tor. This is pretty standard practice once the file encryption process is done.