Criminals are an adaptable bunch. Now that most people know not to enable macros and to avoid Microsoft Word attachments, hackers have come up with new ways to execute downloads that don’t require macros.
The first is malware called “Zusy,” which infects users through compromised PowerPoint attachments. PowerShell commands embedded in a slide automatically download an executable banking trojan when the user merely hovers over a link. Since clicking is not required, this malicious scheme will initially infect a lot of users.
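A defender-side check for the hover technique described above, added here as an example and not code from the original post: it scans a .pptx for mouse-over actions that launch a program or point at a script host. The function names, the watch-list of script hosts and the constructed sample archive are assumptions made for illustration.

```python
import io, re, zipfile
import xml.etree.ElementTree as ET  # for untrusted files, prefer a hardened parser such as defusedxml

PKG_REL = "{http://schemas.openxmlformats.org/package/2006/relationships}Relationship"
R_ID = "{http://schemas.openxmlformats.org/officeDocument/2006/relationships}id"
# Assumed watch-list of script hosts; tune for your environment.
SUSPICIOUS = re.compile(r"powershell|cmd\.exe|mshta|wscript|cscript", re.I)

def scan_pptx(data: bytes):
    """Return (slide, action, target) for each risky mouse-over action in a .pptx."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = set(z.namelist())
        for name in sorted(names):
            m = re.fullmatch(r"ppt/slides/(slide\d+\.xml)", name)
            if not m:
                continue
            # Resolve relationship ids (rIdN) to their targets for this slide.
            rels = {}
            rels_name = f"ppt/slides/_rels/{m.group(1)}.rels"
            if rels_name in names:
                for rel in ET.fromstring(z.read(rels_name)).iter(PKG_REL):
                    rels[rel.get("Id")] = rel.get("Target", "")
            for el in ET.fromstring(z.read(name)).iter():
                if not el.tag.endswith("}hlinkMouseOver"):
                    continue
                action = el.get("action", "")
                target = rels.get(el.get(R_ID), "")
                # Flag hover actions that launch a program or name a script host.
                if action.startswith("ppaction://program") or SUSPICIOUS.search(target):
                    findings.append((m.group(1), action, target))
    return findings

def build_sample(with_hover: bool) -> bytes:
    """Constructed, inert archive holding only the two parts the scanner reads."""
    hover = '<a:hlinkMouseOver r:id="rId2" action="ppaction://program"/>' if with_hover else ""
    slide = ('<p:sld xmlns:p="http://schemas.openxmlformats.org/presentationml/2006/main" '
             'xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main" '
             'xmlns:r="http://schemas.openxmlformats.org/officeDocument/2006/relationships">'
             f'<a:rPr>{hover}</a:rPr></p:sld>')
    rels = ('<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
            '<Relationship Id="rId2" Target="powershell.exe CONSTRUCTED-PLACEHOLDER"/>'
            '</Relationships>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("ppt/slides/slide1.xml", slide)
        z.writestr("ppt/slides/_rels/slide1.xml.rels", rels)
    return buf.getvalue()
```

Run `scan_pptx` over attachment bytes at a mail gateway or during triage; any finding means the deck can start a program on hover and should be quarantined for review.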
The second is a fileless, code-injecting ransomware bug called “SOREBRECT”. SOREBRECT uses Microsoft’s Sysinternals PsExec command-line utility to encrypt files, and it deletes event logs and other clues to make attacks difficult to analyze. SOREBRECT also scans networks for other connected computers, infecting them as well. Because it is fileless, this bug presently bypasses anti-virus protections.
The bad guys are continually evolving to the point where they are upping the ante on targeted businesses. For instance, a South Korean web hosting company recently agreed to pay $1 million in Bitcoin after a ransomware attack hit 153 of its Linux servers.
From this, we can safely conclude that scammers will be raising average ransoms from a few hundred bucks at present to thousands of dollars depending on their assessment of your ability to pay.
Please inform all employees, especially accounting personnel, to be careful about what they click or open in unsolicited or unexpected emails, no matter who they “appear” to be from. And remember: ALWAYS keep your backups up to date.
Are you worried about ransomware and want to know more? We’ve dedicated a whole site, www.EliminateRansomware.com, to this insidious virus. Our eBook, “The Business Guide to Ransomware,” provides all you need to know to protect yourself. Download it now!
XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions whose systems protect 250+ Petabytes of data with over 800 employees around the globe. Call (845) 362-9675 and let us introduce you to the ultimate defense against data loss—whatever the cause.