Zero-Day exploit labeled the "Largest in History" originates in Phishing Email

You may have seen the news this weekend. Criminal hackers have released a new strain of ransomware that spreads itself automatically across all workstations in a network, causing a global epidemic. If you or a co-worker are not paying attention and accidentally open one of these phishing email attachments, you might infect not only your own workstation, but immediately everyone else's computer too. 

Be very careful when you get an email with an attachment you did not ask for. If there is a .zip file in the attachment, do not click on it but delete the whole email. 

---------------

Hundreds of thousands of machines worldwide were hit by a piece of malware known as "Wana Drcrypt0r" that leverages an email-based payload that, when executed, installs itself on a PC inside the firewall and subsequently uses a vulnerability that was leaked from the NSA which is capable of moving across the network from machine to machine spreading the infection.

The result of being infected is that your computer becomes a host that spreads the malware as well as having your own files encrypted and a message like the following popping up on your computer.

What should I do?

At Work:

  1. Update your Windows systems.  Go to Windows Update in the start menu and allow Windows to update.
  2. Be vigilant when you interact with email.  This piece of malware only needs a single target inside a corporate network to spread.  DO NOT CLICK ON ATTACHMENTS OR LINKS IN EMAIL THAT LOOK SUSPICIOUS AND AVOID .ZIP FILES ALTOGETHER!
  3. Alert the IT Department immediately if you get a strange email or your computer asks you to install anything or elevate permissions on a screen that looks like the following...

At Home:

  1. Update your Windows systems.  Go to Windows Update in the start menu and allow Windows to update.
  2. Make sure you have backups of your files.  If you get this strain of malware (or similar) you'll be deciding whether you pay an attacker or whether you rebuild your computer from scratch with a clean OS install.  If you select the second option you'd better have backups of the files that are meaningful to you.

 

For more information please review the following article from our partner "KnowBe4":  https://blog.knowbe4.com/ransomware-attack-uses-nsa-0-day-exploits-to-go-on-worldwide-rampage

Chris Blanchard