Inspired by Locky virus: Zepto ransomware is a new threat

On the dark side of the Internet, hackers and ransomware developers readily inspire each other to create new, dangerous and powerful viruses. One of the best-known sources of ‘inspiration’ is the Locky virus, which launched its first attack and loudly announced its arrival in the middle of 2016. At first, the ransomware targeted hospitals in the USA, but that wasn’t enough. After those successful attacks, the virus spread all over the world, targeting both individuals and institutions. While victims were deciding whether to pay the ransom and looking for a free file decryptor, the hackers were developing a new threat. Recently, they launched the Zepto virus, a new version of the famous Locky virus.

Security specialists noticed that the virus has many similarities to Locky and to ransomware-type viruses in general. After entering the PC, the virus scans the computer’s system and encrypts files using the RSA-2048 and AES-128 algorithms. The Locky virus uses these algorithms too. However, this ransomware adds a different file extension to all encrypted files: as you might have guessed, it appends the .zepto extension. After the encryption process completes, the virus informs the victim of what has just happened by changing the desktop background and urging them to read a ransom note called _[2 chars]_HELP_instructions.html. Of course, victims have to pay the ransom if they want to use their files again. The amount of money the hackers ask for varies depending on the size of the locked files. The virus is known to target large businesses as well as random computer users, so companies and institutions might be asked to pay a huge ransom. We want to remind you that paying the ransom is always a bad decision. Hackers rarely give the decryption key, but gladly take the money.
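The two file-system indicators named above (the .zepto extension and the ransom note name) are enough to scope an infection. The following is an added example, not code from the original article: it counts encrypted files per directory, lists ransom notes, and reports the oldest encrypted file; the function name `triage` and the reading of "[2 chars]" as any two characters are assumptions.

```python
import os
import re
from collections import Counter
from datetime import datetime, timezone

ENCRYPTED_EXT = ".zepto"  # extension the article says is added to encrypted files
# Ransom note name from the article; "[2 chars]" is read as any two
# characters, which is an assumption of this example.
NOTE_RE = re.compile(r"^_.{2}_HELP_instructions\.html$", re.IGNORECASE)


def triage(root):
    """Walk `root` (symlinks are not followed) and summarise Zepto indicators."""
    per_dir = Counter()   # directory -> number of *.zepto files
    notes = []            # full paths of ransom notes
    earliest = None       # (mtime, path) of the oldest *.zepto file
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower().endswith(ENCRYPTED_EXT):
                per_dir[dirpath] += 1
                try:
                    mtime = os.lstat(path).st_mtime
                except OSError:
                    continue  # file vanished or unreadable; still counted
                if earliest is None or mtime < earliest[0]:
                    earliest = (mtime, path)
            elif NOTE_RE.match(name):
                notes.append(path)
    return {
        "encrypted_total": sum(per_dir.values()),
        "per_dir": dict(per_dir),
        "notes": sorted(notes),
        "first_encrypted": earliest[1] if earliest else None,
        "first_encrypted_utc": (
            datetime.fromtimestamp(earliest[0], tz=timezone.utc).isoformat()
            if earliest else None
        ),
    }


if __name__ == "__main__":
    import sys
    report = triage(sys.argv[1] if len(sys.argv) > 1 else ".")
    for key, value in report.items():
        print(f"{key}: {value}")
```

The `first_encrypted_utc` value is an estimate taken from file modification times; a backup made before that moment is the candidate for restoring the affected directories.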

Certainly, no one wants to encounter the Zepto virus and pay the ransom. For this reason, you should take precautions. Firstly, make backup copies of your files and store them on external devices. Secondly, be aware that ransomware commonly spreads via malicious e-mail campaigns. So, do not open any suspicious e-mails and, most importantly, do not download attached files. These e-mails contain messages that express an urgent need to download an attached .zip or .docm file. IT specialists have found thousands of different e-mail examples. Indeed, the crooks are creative and eager to make lots of money. So, you have to be careful and tell your co-workers to do the same. The new ransomware is dangerous and spreads fast. During the first four days, the virus sent almost 140 000 infected spam e-mails. The virus was launched at the end of June, so you can only imagine how many times the number of malicious e-mails sent has increased.

About the author
Julie Splinters
Julie Splinters - Spyware and malware removal expert
