Understanding Zepto Ransomware: The new version of Locky
In June 2016, Zepto ransomware, a new version of the Locky ransomware, was unearthed as its makers unleashed it on users worldwide, affecting computers across the globe. Its basic principle remains the same: it works like typical ransomware, seizing the files on a victim’s PC and encrypting them. Its trademark is that it renames the files with its own extension, .zepto, which is why it has become known as the Zepto ransomware.
Modus Operandi of Zepto Ransomware
The process starts with “social engineering”, in which the criminals try to psychologically manipulate the user into performing a desired task. This is carried out through “spear phishing”, that is, by sending emails with infected files. As of now there are two variants of the infected files:
- Emails with an attached ZIP file
- Emails with an attached DOCM file
This is the payment stage. Once the ransomware is installed on your computer, all the files are encrypted and renamed with a .zepto extension. The hackers convey the ransom demand and the payment procedure in one of three ways: by changing your desktop wallpaper, through an image file which opens in Windows Photo Viewer, or through an HTML file that is saved in every directory where files have been scrambled. These files contain all the steps you need to take to make the payment and get your files decrypted in return.
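The two on-disk traces described above (files renamed with the .zepto extension and an HTML file left in each affected directory) can be used to scope an incident on a file share. The following is an added example, not part of the original article: the function names, the sample tree and the `.htm` variant are assumptions made for illustration.

```python
import os
import tempfile
from pathlib import Path

ENCRYPTED_EXT = ".zepto"        # extension named in the article
NOTE_EXTS = {".html", ".htm"}   # article says "html file"; .htm is an assumption


def scan_tree(root):
    """Map each directory under root that holds at least one .zepto file to
    counts of renamed files, untouched files and candidate HTML notes."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        encrypted, other, notes = 0, 0, []
        for name in files:
            ext = Path(name).suffix.lower()  # matches .zepto and .Zepto alike
            if ext == ENCRYPTED_EXT:
                encrypted += 1
            elif ext in NOTE_EXTS:
                notes.append(name)
            else:
                other += 1
        if encrypted:  # HTML files alone are not treated as a sign of infection
            report[dirpath] = {"encrypted": encrypted, "other": other,
                               "notes": sorted(notes)}
    return report


def build_sample_tree(root):
    """Constructed sample data: one affected directory and one clean one."""
    hit = Path(root, "share", "finance")
    clean = Path(root, "share", "public")
    hit.mkdir(parents=True)
    clean.mkdir(parents=True)
    for name in ("A1B2.zepto", "C3D4.Zepto", "note.html"):  # constructed names
        (hit / name).write_bytes(b"")
    for name in ("readme.txt", "index.html"):
        (clean / name).write_bytes(b"")
    return str(hit), str(clean)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for directory, info in scan_tree(tmp).items():
            print(directory, info)
```

A non-zero `other` count in a reported directory means some files there still carry their original names, which helps estimate how far the encryption got.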