A wave of spam emails carrying malicious file attachments infected with the cerber ransomware hit corporate users of the Microsoft Office 365 service.

The onslaught began on June 22, just before 7:00 AM UTC when crooks used a novel trick to launch Cerber-infested spam past Microsoft’s security defenses.

Cloud security platform Avanan says it took Microsoft about five hours to detect and start blocking the malicious file attachments.

By that point, it was too late, Avanan saying that 57 percent of all companies using Office 365 had received at least one copy of the ransomware in their inboxes.

There is nothing special about this version of Cerber, and this seems to be yet another case of crooks managing to bypass Microsoft’s spam filters. A similar incident happened on June 1 when crooks bypassed Outlook and Hotmail spam filters and flooded users for hours with spam.

Cerber is one of today’s top ransomware families. According to data provided by Fortinet at the end of May, Cerber ranked third in terms of detected infections behind the infamous CryptoWall and Locky families.

If you need something to identify Cerber infections by, then you should remember that this is the ransomware family that uses the OS text-to-speech feature to read out the ransom note to users. Below is a screenshot of the malicious document received in this most recent campaign that targeted Microsoft Office 365 corporate users.

Word document that will install the Cerber ransomware if macros are enabled

Word document that will install the Cerber ransomware if macros are enabled

Let’s block ads! (Why?)

Related Posts

Facebook Comments

Return to Top ▲Return to Top ▲