Locky infections through .js file attachments are reported mostly in Europe, but users in Canada and U.S. also have fallen victims of this large-scaled attack.
The trick here is, that the icon looks very much like a document and it may confuse users. Some even may not know what type of file is .js and that it can hide the some danger inside. In fact, such infected files are ideal for distribution of not only Locky but also a wide variety of other ransomware such as the well-known CryptXXX, CryptoWall or even some new malware.
Another warning sign, justifying the security experts’ concerns is that a massive increase in the spread of the JS/Danger.Script attachment has been detected by researchers recently. This malicious script is actually a dropper, created with the only purpose to download other malware on the infected PC. It usually introduces the system to crypto-ransomware infections like Locky ransomware and many more.
It is important for users not to get misled by the sophisticated social engineering tactics, used by the hackers. Their only goal is to make the unsuspecting users execute the malicious attachment. Being aware of the threats that are going around the web helps users be on alert and avoid infections. Once again we will point out that ransomware is a trendy threat – one of the most dangerous malware infections spreading worldwide at the moment. Therefore, to be cautious is essential to our security.