Ransomware called Zepto is raising concerns with security experts because of its close ties to the more mature and prolific Locky ransomware. Zepto was spotted about a month ago, but a recent wave of spam containing Zepto-laced attachments detected on June 27 is heightening fears of widespread infections.
“We are watching Zepto very carefully. It’s closely tied to Locky, sharing many of the same attributes,” said Craig Williams, senior technical leader and global outreach manager at Cisco Talos. “There is still a lot to learn about Zepto. As far as we can tell, it’s either a new variant of Locky or an entirely new ransomware with many copycat Locky features,” he said.
Cisco Talos, which published its findings on Zepto Thursday, said 137,731 spam messages have been found this week that contain the Zepto ransomware malicious attachment. The Zepto name comes from the .zepto suffix used as the extension for encrypted files.