Don’t call it a comeback: Locky ransomware ups attack methods

Locky ransomware has evolved its attack method, using the AESIR-file extension and disguising itself as emails from legitimate companies. It has also been found to spread through Facebook Messenger by mimicking an image. There is currently no way to decrypt Locky ransomware, so the only way to recover files is through a backup. The constantly evolving program and delivery methods make Locky ransomware difficult to combat. It has been particularly targeting the healthcare industry in recent months.