like the latest one.
But in place of the expected ransomware, we downloaded a 12-byte text file with the plain message “Stupid Locky”.
Subsequently, the execution was directly terminated as the file did not have a valid structure.
It seems that someone was able to access one of the command and control servers and replace the original Locky ransomware with a dummy file. And I do mean dummy in the fullest expression of the word. Now, I don’t believe that cybercriminals themselves would have initiated this operation because of the potential damage to their reputation and income stream. I also wouldn’t say that “Locky is dead” after this operation. As we know, they are still active and understand their “business” very well. But the examples of Dridex and now Locky show that even cybercriminals, masters of camouflage, are vulnerable.