Lots of ransomware stories this week. We have two new decryptors, quite a few new ransomware infections, PadCrypt being hidden inside a fake credit card generator, and a few new variants. The biggest news is two new variants of the Locky ransomware that append the .zzzzz and .aesir extensions for encrypted files.
Early this morning, a new Locky campaign was discovered that is spewing out emails that pretend to be an ISP complaint stating that SPAM has been detected coming from the computer. Further testing of the new sample shows that Locky has also changed the extension for encrypted files to .AESIR.