Increased Ransomware Attacks Using Email and PDF Files

The campaign uses two variants of emails. One has no text in the body. The other includes text consistent with what you might expect from an email that contains payment invoices, receipts or scanned images, according to Baisini. In both cases, subject lines include either the word “Payment” or “Receipt” followed by “#” and numbers, for example “Receipt#272”. Filenames of the malicious attachments are customized based on the recipient’s email address.

The emails carry a malicious PDF document with a Word document embedded inside, researchers say. Once opened, the PDF asks the victim for permission to open the Word document. That Word document then asks the victim for permission to run an XOR’d macro that pulls down a malware dropper file. Once Locky is downloaded, it encrypts files on the host computer.
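The indicators described above can be checked at a mail gateway or during triage. The following is an added example, not code from the article or the researchers; it assumes the customized filename contains the local part of the recipient's address (the article does not say how filenames are built), and the messages, addresses and PDF bytes are constructed stubs.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# "Payment" or "Receipt" followed by "#" and digits, e.g. "Receipt#272"
SUBJECT_RE = re.compile(r"\b(Payment|Receipt)\s*#\s*\d+", re.IGNORECASE)

def triage(raw: bytes) -> list:
    """Return the indicators from the article that one raw message matches."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    if SUBJECT_RE.search(msg["Subject"] or ""):
        hits.append("subject")
    # One variant has no body text at all; weak on its own, useful in combination.
    body = msg.get_body(preferencelist=("plain", "html"))
    if body is None or not body.get_content().strip():
        hits.append("empty_body")
    local = parseaddr(msg["To"] or "")[1].split("@")[0].lower()
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if not data.startswith(b"%PDF-"):  # trust magic bytes, not the extension
            continue
        hits.append("pdf_attachment")
        # Assumption: "customized" means the recipient's local part is in the name.
        if local and local in (part.get_filename() or "").lower():
            hits.append("filename_has_recipient")
        # /EmbeddedFile marks an embedded file stream. A raw byte search misses
        # markers hidden in compressed object streams, so absence proves nothing.
        if b"/EmbeddedFile" in data:
            hits.append("pdf_embedded_file")
    return hits

def build_sample(subject, to, body, filename=None, pdf=None) -> bytes:
    """Build a constructed test message (not a real campaign sample)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "billing@example.net", to, subject
    m.set_content(body)
    if filename:
        m.add_attachment(pdf, maintype="application", subtype="pdf", filename=filename)
    return m.as_bytes()

# Constructed stub bytes: a PDF header plus the /EmbeddedFile marker, nothing else.
STUB_PDF = b"%PDF-1.4\n1 0 obj\n<< /Type /EmbeddedFile >>\nendobj\n%%EOF\n"
SUSPECT = build_sample("Receipt#272", "jdoe@example.com", "", "jdoe_272.pdf", STUB_PDF)
BENIGN = build_sample("Lunch on Friday", "jdoe@example.com", "See you at noon.")

if __name__ == "__main__":
    print(triage(SUSPECT))
    print(triage(BENIGN))
```

Any single indicator is common in legitimate mail; the combination of subject pattern, PDF attachment and embedded file is what warrants quarantine or closer inspection.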


Design and hosting by CourseVector. All rights reserved. Copyright 2018.