Widespread Attack on Office 365 Corporate Users with Zero-day Ransomware Virus

vbimport

#1

Starting June 22 at 6:44 a.m. UTC, Avanan’s Cloud Security Platform started to detect a massive attack against its customers that were using Office 365. The attack included a very nasty ransomware virus called Cerber, which was spread through email and encrypted users’ files. Once encrypted, Cerber demanded a ransom be paid in order to regain access to the user’s documents, photos and files. So nasty in fact, that this virus actually played an audio file, informing the user that the computer’s files have been encrypted while a warning message was displayed on screen. Based on Avanan’s analysis, Microsoft detected the attack and started blocking the attachment as of June 23 at 11:34 a.m. UTC.

While difficult to precisely measure how many users got infected, Avanan estimates that roughly 57 percent of organizations using Office 365 received at least one copy of the malware into one of their corporate mailboxes during the time of the attack. This attack seems to be a variation of a virus originally detected on network mail servers back in early March of this year. As it respawned into a second life, this time Cerber was widely distributed after its originator was apparently able to easily confirm that the virus was able to bypass the Office 365 built-in security tools through a private Office 365 mail account.

29 Hours it took before Microsoft started to block the attachment which is a very long time. Then again when you trust strangers to keep your data safe, what do you expect :rolleyes:
With that said, if the alternative is no backup, I will applaud any online service as a better than nothing solution :clap:

Read the full story off-site here.


#2

This is why I have office installed completely on my computer and laptop to avoid this ransomware and hacks.