29 June 2016

Massive ransomware attack on Office 365

Millions of Microsoft Office 365 users were potentially exposed to a massive zero-day Cerber ransomware attack last week that not only included a ransom note, but an audio warning informing victims that their files were encrypted.

Steven Toole, a researcher for the cloud-security firm Avanan, blogged that his company saw the first attack roll in at 6:44am on June 22 US time and that at least 57 percent of all Office 365 customers received at least one phishing attempt that contained the infected attachment.

Toole said it took Microsoft more than 24 hours to detect the attack and start blocking the attachment. The attacker asked for a ransom totaling 1.4 bitcoin, or about US$500, for the decryption key.

"This attack seems to be a variation of a virus originally detected on network mail servers back in early March of this year," Toole wrote. "As it respawned into a second life, this time Cerber was widely distributed after its originator was apparently able to easily confirm that the virus was able to bypass the Office 365 built-in security tools through a private Office 365 mail account.”

Read the full article here.

CyberHound's Category Web Filtering can help protect your company from ransomware attacks, find out more via the below Data Sheet or contact us today.


Category Web Filtering