Locky Ransomware Switches to the Ykcol Extension for Encrypted Files
Coldshell a malware analyst from Stormshield, discovered this new variant on 18 September. This ransomware works out by sending emails with the subject line “Status of invoice” that contain a 7z attachment.This attachment contains a VBS file, which when executed will download the Locky executable from a remote site and execute it. When Locky has finished encrypting the computer, it will remove the downloaded executable and then display a ransom note that provides information on how to pay the ransom. Ykcol.htm and ykcol.bmp. is the changed name of this new Locky version
It is not possible to Free your files from the Locky Ransomware Ykcol Variant
Sadly, at this time it is impossible to decrypt. ykcol files encrypted by the Locky Ransomware for free.The only way to recover encrypted files is via a backup, or if you are incredibly lucky, through Shadow Volume Copies. Though Locky does attempt to remove Shadow Volume Copies, in rare cases ransomware infections fail to do so for whatever reason. Due to this, if you do not have a practical backup, it is suggested that people should try as a last resort to restore encrypted files from Shadow Volume Copies.
Also read - How to remove authrootsl.com
How to protect yourself from this Ransomware?
In today’s digital world it is very important to secure your computer for any cyber-attacks, it is important that good computer hygiene and habits are followed and reliable security software is being install on your computer. First and foremost, you should always have a reliable and strong backup of your data that can be restored in the case of an emergency, like a ransomware attack. Make sure you follow the following safety online security habits, which in many cases are the most important steps of all:
- Always have a strong Backup of all the important data.
- Be careful when you open any attachments, if you do not know who sent them don’t open it.
- Emails with attachment with suspicious headings shouldn’t be opened until you confirm that the person actually sent you them,
- Scan attachments with tools like anti-virus tool before opening it.
- Make sure all Windows updates are installed updated! Also make sure you update all programs, especially Java, Flash, and Adobe Reader. Therefore, it is important to keep them updated.
- Have a good reliable security software installed.
- Use complex passwords to be safe and try avoiding reusing the same password on multiple sites.
Download Free Removal Tool
Tips to Prevent Locky Malware using .Ykcol from Infecting Your System:
1. Enable your popup blocker: Pop-ups and ads in the websites are the most adoptable tactic used by cybercriminals or developers with the core intention to spread malicious programs. So, avoid clicking uncertain sites, software offers, pop-ups etc.
2. Keep your Windows Updated: To avoid such infections, we recommend that you should always keep your system updated through automatic windows update. By doing this you can keep your device free from virus. According to the survey, outdated/older versions of Windows operating system are an easy target.
3. Third-party installation: Try to avoid freeware download websites as they usually install bundled of software with any installer or stub file.
4. Regular Backup: Regular and periodical backup helps you to keep your data safe in case the system is infected by any kind of virus or any other infection. Thus always backup important files regularly on a cloud drive or an external hard drive.
5. Always have an Anti-Virus: Precaution is better than cure. We recommend that you install an antivirus like McAfee or a good Malware Removal Tool like Free Malware RemovalTool
6. Install a powerful ad- blocker for Chrome, Mozilla,and IE.
