Locky is one of the most potent forms of crypto-ransomware in existence today. Even though security researchers try to combat this malware, the developers remain one step ahead. In fact, a new phishing campaign distributing Locky ransomware has been discovered, which targets 22 potential victims. All of these users were part of the US Office of Personnel Management data breaches in 2014 and 2015.
Criminals always find news ways to target potential victims with malware and ransomware. Even though the data breaches affecting the Office of Personnel Management took place nearly two years ago, the information remains valid to this day. A lot of sensitive personal information was obtained by hackers, and they will direct target campaigns to different types of victims.
A New Locky Ransomware Campaign is Underway
One of those campaigns is already underway, as criminals impersonate OPM representatives. These individuals target government contractors and workers whose information was stolen during the attack. By sending phishing messages to these victims, recipients are asked to examine an attached file. This particular file is a ZIP file which executes the Locky payload when opened.
To make the emails seem less suspicious, they all contain the signature of OPM account