E-mail users have been warned after 23 million messages infected with the Locky malware strain were sent out by cybercriminals earlier this week.
The huge amounts of ransomware infected e-mails were sent out to e-mail addresses on Monday August 28.
The e-mails have vague subjects such as “please print”, “photo”, “documents” and “images” among other titles.
The messages also come with a ZIP file attached to it, and if you see any such messages from a suspicious looking e-mail address do NOT click on it.
The ZIP file contains a Visual Basic Script (VBS) file and if executed will start to download the latest strain of the Locky ransomware.
Once the encryption process is completed, it will add a “.lukitus” extension to ALL files on the victim’s now infected computer.
The innocent victim will then be asked to pay 0.5 Bitcoins to decrypt the files – which equates to an eye-watering £1,862.
The ransomware campaign was discovered by AppRiver, who described it as one of the largest malware campaigns seen in the second half of 2017.
In a blog post outlining the malware threat, they added: “There currently are no publicly shared methods to reverse this Locky strain.”
Express.co.uk would advise users to NEVER open an e-mail from a suspicious looking address, especially one with an attachment.
Plus, it is always good practice to keep back-ups of your files in the event of a worse case scenario.
The cybercriminals behind the latest malware campaign only need a handful of the millions of e-mails sent to be successful to earn a big profit, as the ransom is so large.
Locky is one of the most successful variants of ransomware of all time.
It rose to prominence during 2016 following a number of high-profile infections, and was once the most common form of malware being circulated.
It had a period of inactivity before coming back resurgent this week.
The malware warning comes after Express.co.uk revealed this week that over 700million e-mail accounts have had their addresses leaked by a spambot.
The Onliner spambot, which has been operational since 2016, was using this list of 711million e-mails to spread dangerous banking malware.
The huge number of leaked e-mail addresses is almost equivalent to number of every man, woman and child in the whole of Europe.
The breach, one of the largest of its kind, also saw passwords linked to millions of the affected e-mail accounts published.
To check if your e-mail address has been affected by the breach, you need to go to haveibeenpwned.com.
The e-mail breach was outlined by Australian computer security expert Troy Hunt, who runs the Have I Been Pwned website.
On his blog he wrote: “Last week I was contacted by someone alerting me to the presence of a spam list. A big one.
“That’s a bit of a relative term though because whilst I’ve loaded ‘big’ spam lists into Have I been pwned (HIBP) before, the largest to date has been a mere 393m records and belonged to River City Media.
“The one I’m writing about today is 711m records which makes it the largest single set of data I’ve ever loaded into HIBP.
“Just for a sense of scale, that’s almost one address for every single man, woman and child in all of Europe.”