ODIN ransomware steps in as the newer version of Locky

by
 
 

Few users might have heard of the horrifying ransomware called Locky which was launched a couple of months ago. Using an anonymous browser and exquisite encryption algorithms, it succeeded in inflicting severe damage throughout the entire virtual universe. Though it continued its misdeeds under Zepto name for a while, virus researchers noticed a significant ebb. However, not for long. Now the same Locky has merged again under the name of Norse god, Odin.

Like Locky, the new version did not shift to using a completely different encoding technique. ODIN ransomware exploits AES-128 and RSA-2048 ciphers to finish the encryption process. Moreover, it prefers employing .dll executable rather than previously used .js or .wsf. It targets a wide range of different music, documents, image and video files. If you keep them on the Desktop or even in Program Files, they risk getting corrupted. After the process is finished, they are marked with .odin extension. As usual, in its _HOWDO_text.html file, it instructs a victim to download a Tor browser which ensures the anonymity of the hacker.

If Honolulu residents few have heard of the ransomware before, they surely have after the recent news. Their local Fire Department was hijacked. Luckily, the staff was able to eliminate the threat successfully and restore the files from the backups without suffering financial losses. You might wonder as to what contributes to such successful yet terrifying cyber campaign. Spam emails highly empower the distribution of the cyber threat. Do not rush to open any email which is disguised as an invoice or receipt file, package delivery or a financial report.

Despite ist menacing operation, you still can confront and terminate the threat. Virus researchers suggest installing the newest version of an anti-spyware application which performs ODIN removal within a couple of minutes. In the provided link, you will find explicit information of data recovery options as well.

Comments are closed.