Locky Ransomware Rises from the Crypt with New Lukitus and Diablo Variants

New variations of Locky—Diablo and Lukitus—have surfaced from the ransomware family assumed by many to be dead. In the wake of ascending to notoriety as one of the principal significant types of ransomware to make worldwide progress, Locky’s essence in the long run blurred. Be that as it may, it shows up this infamous assault is back with appropriation through the Necurs botnet, one of the biggest botnets being used today.


Install mcafee for PC protection & Safety.


Webroot Protects Against Diablo and Lukitus


We’ve seen action hitting Windows XP, Windows 7, and Windows 10 machines in the United States, United Kingdom, Italy, Sweden, China, Botswana, Russia, Netherlands, and Latvia.

How are These Attacks Deployed?


As with previous versions, the initial attack vector is through malspam campaigns in which phishing emails contain a zipped attachment with malicious javascript that downloads the Locky payload.

Once the Locky payload is dowloaded, it encrypts the users’ files with “.diablo6” and “.Lukitus”, respectively.

Then it changes the desktop background and provides the rescue pages “diablo6.htm” and “lukitus.htm”, which are identical.

the Locky ransomware instructs the user to install a Tor Browser, then navigate to your unique .onion address to pay the ransom.


Visit : norton.com/setup install for complete computer security.

and releated terms mcafee activate product key

Leave a Reply

Your email address will not be published. Required fields are marked *