A wave of spam emails carrying malicious file attachments infected with the cerber ransomware hit corporate users of the Microsoft Office 365 service.
The onslaught began on June 22, just before 7:00 AM UTC when crooks used a novel trick to launch Cerber-infested spam past Microsoft’s security defenses.
Cloud security platformit took Microsoft about five hours to detect and start blocking the malicious file attachments.
By that point, it was too late, Avanan saying that 57 percent of all companies using Office 365 had received at least one copy of the ransomware in their inboxes.
There is nothing special about this version of Cerber, and this seems to be yet another case of crooks managing to bypass Microsoft’s spam filters. A similar incident happened on June 1 when crooksand flooded users for hours with spam.
Cerber is one of today’s top ransomware families. According to data provided by Fortinet at the end of May,in terms of detected infections behind the infamous CryptoWall and Locky families.
If you need something to identify Cerber infections by, then you should remember that this is the ransomware family that uses the OS text-to-speech feature to read out the ransom note to users. Below is a screenshot of the malicious document received in this most recent campaign that targeted Microsoft Office 365 corporate users.