{"id":8163,"date":"2016-08-29T12:44:00","date_gmt":"2016-08-29T12:44:00","guid":{"rendered":"http:\/\/localhost\/datcomWP\/?p=8163"},"modified":"2016-08-29T12:44:00","modified_gmt":"2016-08-29T12:44:00","slug":"alert-microsoft-outlook-users-be-wary-of-new-ransomware","status":"publish","type":"post","link":"https:\/\/staging.datcomllc.com\/index.php\/2016\/08\/29\/alert-microsoft-outlook-users-be-wary-of-new-ransomware\/","title":{"rendered":"Alert: Microsoft Outlook Users Be Wary of New Ransomware"},"content":{"rendered":"<p>Ransomware is a particularly nasty strain of malware that continues to pop up in unexpected forms. In the case of a new variant called Cerber, it targets users of Microsoft Outlook using a zero-day vulnerability via phishing messages. To make matters worse, Cerber can also utilize DDoS attacks, which is a major cause for concern.<\/p>\n<p><!--more--><\/p>\n<p>Distributed Denial of Service attacks utilize previously-infected \u201cbotnets\u201d (networks of infected computers) to slam the targeted system with a ferocious amount of traffic. The legs of the targeted system eventually buckle, and the organization\u2019s operations are crippled by downtime. Now that ransomware is using DDoS attacks, it becomes much riskier to ignore a ransomware warning. Plus, the infected computer is brought into the botnet&nbsp;and used to torture other poor souls who are unfortunate enough to get infected.<\/p>\n<p>Cerber demands a ransom of 1.24 Bitcoins to unlock the encrypted files. At the time of writing, 1.24 Bitcoins are valued at approximately $718.<\/p>\n<p>The intended victim receives an email containing the ransomware which, when activated, adds three files to the desktop of the victim\u2019s computer. Each contains the same message; one is a simple TXT file, another is HTML, and the third is a Visual Basic Script that converts to an audio message. Their message reads: <em>Attention! Attention! Attention! 
Your documents, photos, databases and other important files<\/em> <em>have been encrypted!<\/em> To add insult to injury, this message will trigger every time you boot your computer.<\/p>\n<p>The hackers make it quite easy for users to pay the ransom. The two files contain instructions to navigate to the Tor payment site, while also offering some inspirational advice: \u201cWhat doesn\u2019t kill me makes me stronger,\u201d transcribed in Latin. In most cases, we recommend against paying the ransom, but sometimes it\u2019s unavoidable, particularly if you don\u2019t have a secure data backup. Still, there\u2019s no guarantee that the hacker will ever release your files, and contributing funds will only further their goals to attack others like yourself.<\/p>\n<p>There\u2019s currently no known way to eliminate Cerber, which makes it crucial to protect your systems from infection. In particular, you should focus on security best practices and identify phishing scams, as this is the primary mode through which ransomware spreads. As the business owner, you need to ensure that your organization follows these practices, from the top down.<\/p>\n<ul>\n<li>Users need to understand email security best practices. This includes being wary of unsolicited messages that contain attachments or suspicious links.<\/li>\n<li>All of your organization&#8217;s mission-critical data should be backed up and stored in an isolated location. This way, even if your network becomes infected with ransomware, you can just restore the backup to avoid paying the hackers.<\/li>\n<li>Keep your systems updated with the latest versions of software solutions, and always keep your antivirus solution updated with the latest threat definitions. 
Malware designers are always trying to outpace security professionals, so stay one step ahead to help keep yourself secure.<\/li>\n<\/ul>\n<p>For more information about cyber security and other best practices, reach out to COMPANYNAME at PHONENUMBER.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ransomware is a particularly nasty strain of malware that continues to pop up in unexpected forms. In the case of a new variant called Cerber, it targets users of Microsoft Outlook using a zero-day vulnerability via phishing messages. To make matters worse, Cerber can also utilize DDoS attacks, which is a major cause for [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":8169,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":""},"categories":[12],"tags":[57,56,15],"_links":{"self":[{"href":"https:\/\/staging.datcomllc.com\/index.php\/wp-json\/wp\/v2\/posts\/8163"}],"collection":[{"href":"https:\/\/staging.datcomllc.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/staging.datcomllc.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/staging.datcomllc.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/staging.datcomllc.com\/index.php\/wp-json\/wp\/v2\/comments?post=8163"}],"version-history":[{"count":0,"href":"https:\/\/staging.datcomllc.com\/index.php\/wp-json\/wp\/v2\/posts\/8163\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/staging.datcomllc.com\/index.php\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/staging.datcomllc.com\/index.php\/wp-json\/wp\/v2\/media?parent=8163"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/staging.datcomllc.com\/index.php\/wp-json\/wp\/v2\/categories?post=8163"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/staging.datcomllc.com\/
index.php\/wp-json\/wp\/v2\/tags?post=8163"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}