Slashdot Mirror


Microsoft Warns of ZCryptor Ransomware With Self-Propagation Features (softpedia.com)

An anonymous reader writes from a report issued by Softpedia on May 27: Microsoft and several other security researchers have detected the first ransomware version that appears to have self-propagation features, being able to spread to other machines on its own by copying itself to shared network drives or portable storage devices automatically. Called ZCryptor, this ransomware seems to enjoy quite the attention from crooks, who are actively distributing it today via Flash malvertising and booby-trapped Office files that infect the victim if he enables macro support when opening the file. This just seems to be the latest addition to the ransomware family, one which recently received the ability to launch DDoS attacks while locking the user's computer.

8 of 71 comments

  1. Microsoft would know by Anonymous Coward · · Score: 4, Funny

    They're the king of ransomware, forcing Windows 10 installations.

  2. They still don't get the difference between code.. by Anonymous Coward · · Score: 4, Insightful

    and data. After twenty years of problems with code in documents, including some that would wipe out your partition table, they still allow code in a document to execute.

    Also, this might be the first malware that infected network files, but it certainly isn't the first to affect Office documents. We've been hit several dozen times.

  3. Block all Adverts now to protect yourself. by Lumpy · · Score: 5, Insightful

    More proof that everyone should be using an adblocker to keep their computer and friends' computers safe.

    Dear website owners.... WAHH about your lost revenue. Start hosting the ads on your own servers and VET THEM to be safe and not an attack vector.

    --
    Do not look at laser with remaining good eye.
  4. Pray to whatever god you worship by millertym · · Score: 5, Interesting

    This stuff is nasty.

    1- Have spotless offline backups of everything
    2- Lock down share permissions
    3- Lock down admins on permissions domain level
    4- Lock down admins on local machine level
    5- Pray

    I had to deal with this garbage once earlier this year on a custom domain with awful permissions management. It was bad enough from a single source\spread to shares perspective. I can't imagine the damn thing acting like a worm at the same time. Potentially career ending because 1- your enterprise gets owned so hard and 2- you never want to touch a computer again once you have to try to clean it up.

  5. Re:maybe its time to put msoffice into a VM? by campuscodi · · Score: 4, Informative

    Or use OpenOffice or LibreOffice instead. Heck, even Google Docs is better now.

  6. Re: I heard by cbiltcliffe · · Score: 3, Funny

    Angry much?

    Of course he is. He got force upgraded to Windows 10.

    --
    "City hall" in German is "Rathaus" Kinda explains a few things......
  7. Yet another reason by FrozenGeek · · Score: 5, Informative

    not to use Flash. I understand that there are many companies with a significant investment in Flash-based code. But Flash has proven to be a persistent security hole. HTML 5 is a viable alternative to Flash. Time for those companies to suck it up.

    --
    linquendum tondere
  8. Re: A permanent solution by mspohr · · Score: 3, Informative

    Might be easier to just install Linux.

    --
    I don't read your sig. Why are you reading mine?