Ransomware scum target corporate Office 365 users in 0-day campaign


Theregister.co.uk | Richard Chirgwin | 28 Jun 2016 at 03:30

office365logoweb_1003666Spam flood tried to drop malicious macros in inboxes.

It’s 2016, and Microsoft Office macros are still a viable infection vector: security outfit Avanan says it’s spotted a week-long, large-scale malware attack against Office 365 users.

The campaign began on June 22, and Microsoft started blocking the malicious attachment on June 23.

Avanan says the attackers tried to send messages to 57 per cent of the organisations on its security platform using Office 365. Users were sent an Office document that invoked the malware via macros.

The attack used the Cerber ransomware, which first emerged in March. As well as encrypting user files, it takes over the victim’s audio system to read out its ransom note.

cerber2

Macro attacks: 20 plus years old, still effective

Any users infected found their files covered with AES-256 encryption and confronted with a 1.24 Bitcoin demand for decryption.

Source: http://www.theregister.co.uk/2016/06/28/ransomware_scum_target_corporate_office_365_users_in_0day_campaign/

Iklan

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s

%d blogger menyukai ini: