Locky is a type of encrypting malware (also known as ransomware) distributed through Microsoft Office Macros and targeting Windows-running PCs. The name comes from the fact that, once the victim’s PC is infected, the ransomware will scramble and encrypt all the data on that PC, setting every file extension to .locky. Locky is spread through spam email campaigns, which make heavy use of spoofing, the same as the cybercriminals behind Dridex operate. In order to get the data decrypted, Locky creators ask for a ransom, which, if not paid, will leave the data useless if the victim doesn’t have a backup.