Active ransomware attack uses impersonation and embedded advanced threats [source: barracuda]

In the last 24 hours, the Barracuda advanced security team has observed about 20 million attempts at a ransomware attack through an email attachment “Payment_201708-6165.7z.”

In this attack, the source of the email is a spoofed address, and the attachment name and number is included in the subject line and body of the message.  The full subject line in this example is “Emailing: Payment_201708-6165” and the number in the attachment name is variable.

This attachment is a JavaScript file in a 7zip archive that the Barracuda ATP Dynamic Analysis Layer identifies as a “file-encryption/ransomware” type virus.

For more, click here.

Share