Concerned About Your Business Cyber Security?

(877) 321--7374

Ongoing Ykcol (Locky) campaign, (Wed, Sep 20th)

Today I noticed a high amount of e-mails on my honeypots with similar subject, body and attachment. It caught my attention . After inspecting the attachments and doing some analysis, it was not difficult to realize that those supposed “Status Invoice” messages were, indeed, part of an ongoing campaign pushing a Locky ransomware variant that is being called Ykcol (or Locky in reverse) due to the encrypted file extension (“.ykcol”).

Ready For ASuperheroI.T. Solution?

Real Time Web Analytics