Microsoft Warns of ZCryptor Ransomware With Self-Propagation Features

An anonymous reader writes from a report issued by Softpedia on May 27: Microsoft and several other security researchers have detected the first ransomware versions that appears to have self-propagation features, being able to spread to other machines on its own by copying itself to shared network drives or portable storage devices automatically. Called ZCryptor, this ransomware seems to enjoy quite the attention from crooks, who are actively distributing today via Flash malvertising and boobytrapped Office files that infect the victim if he enables macro support when opening the file. This just seems to be the latest addition to the ransomware family, one which recently received the ability to launch DDoS attacks while locking the user's computer.

Pray to whatever god you worship

[millertym]

This stuff is nasty.

1- Have spotless offline backups of everything
2- Lock down share permissions
3- Lock down admins on permissions domain level
4- Lock down admins on local machine level
5- Pray

I had to deal with this garbage once earlier this year on a custom domain with awful permissions management. It was bad enough from a single source\spread to shares perspective. I can't imagine the damn thing acting like a worm at the same time. Potentially career ending because 1- your enterprise gets owned so hard and 2- you never want to touch a computer again once you have to try to clean it up.