After almost an almost non-existent presence in 2017 and a few weeks off, Locky is back with a fresh wave of SPAM emails containing malicious docs. While it is not known what caused Locky's hiatus, if they plan on pushing the ransomware like they previously did, then we all need to pay close attention.
Typical week in ransomware with a lot of small little variants released and resurgence of activity from Crypt0L0cker. The biggest news this week is that someone posted the master decryption keys for the Dharma Ransomware in the BleepingComputer.com forums, which were used to create working decryptors.
A bunch of small ransomware variants were released, but we did have a new release of the Locky Osiris variant and the interesting Popcorn Time. To me the most interesting story is Popcorn Time as they offer victims the ability to get a free decryption key if they can get two other people infected and have them pay the ransom.
Once again, the developers of the Locky Ransomware have decided to change the extension of encrypted files. This time, the ransomware developers moved away from Norse gods and into Egyptian mythology by using the .osiris extension for encrypted files.