Security Experts Infiltrate Locky Ransomware C&C Server

Bitcoin ransomware has been the front and center of media attention in recent months, but luckily, security researchers are inching closer towards a solution. A second C&C server for the Locky malware has been breached by a white hat hacker, which will help in finding solutions for infected victims.

Another Malware C&C Server Breached

The Locky ransomware has been making a lot of headlines during its brief existence so far, as it is one of the most prolific pieces of malware to be found. But as it turns out, this piece of software is not as impenetrable as most people had initially assumed.Similar to most other types of ransomware, Locky makes use of C&C servers, which present a central point of failure.

Avira security researchers made a note of how one of these command-and-control servers has been breached by – what they assume to be a – white hat hacker. This person managed to access and infiltrate this server and replace the ransomware payload with a dummy file. Rather than downloading the malware itself, users connecting to this server would get a message “Stupid Locky” on their screen, but would be safe from harm otherwise.

It is not the first time a ransomware C&C server is breached, as a similar report surfaced a few months ago. That particular attack saw a white hat hacker infiltrate a Dridex banking malware C&C server, bringing the distribution through that platform to a halt. In fact, the infiltrator updated most of the malicious links with urls to Avira antivirus web installers.

These types of attacks are a warning to internet criminals, as they often feel invulnerable when spreading their malicious software. However, as it turns out, this false sense of security is nothing more than a bubble being punctured right now, and security experts discovering these vectors of weakness is a positive thing.

As they gain more knowledge about these malware attacks, they will have an easier time coming up with solutions for affected victims. Coming up with these solutions is of the utmost importance, as victims should never even consider paying the ransom in the first place. Unfortunately, that is easier said than done in most cases.

Source; Dark Reading

Images credit 1,2

If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.