Macro Systems Blog

Macro Systems has been serving the Metro Washington, DC area since 1997, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

When DDoS Attacks and Ransomware Combine, the Results are Ugly

Ransomware, the malware variant that has appeared more and more frequently, has struck again, this time targeting users of Microsoft Outlook in a zero-day attack. A variant of the Cerber ransomware was recently used in a large-scale attack on users of the messaging program, delivered via phishing emails to corporate users.

What’s worse, this variant of Cerber is more than just your typical ransomware, as it also possesses DDoS capabilities.

DDoS, or Distributed Denial of Service, programs utilize the previously infected systems in their attacks on new victims as part of a botnet, causing the target system to cave under a deluge of useless traffic. Therefore, as an unfortunate recipient of this malware tries to resolve the problem, their system has already been assimilated into a cyber horde that’s attacking other systems.

Cerber demands a ransom of 1.24 Bitcoins, which converts (as of this writing) to approximately 718 US dollars, to unlock the files. The ransomware is currently uncrackable.

The attack typically goes as follows: an intended victim receives an email carrying the ransomware. If activated, Cerber adds three files to the desktop of the victim’s computer, each containing the same message. One is in TXT format, one is HTML, and one is a Visual Basic Script that converts into an audio message. Their message reads: “Attention! Attention! Attention! Your documents, photos, databases and other important files have been encrypted!” The most annoying part is that every startup will trigger this message.

The other two files also contain instructions to navigate to the Tor payment site in order to pay the ransom, with the phrase “What doesn’t kill me makes me stronger,” transcribed in Latin at the bottom. As a brief reminder, we never recommend paying a malware ransom, as there is no guarantee that they will comply and release your files, and your funding will only contribute to further attacks.
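The three-file pattern described above gives responders something concrete to look for. The following triage sketch is an added example, not code from the original post: it flags a desktop folder in which a TXT, an HTML and a VBS file all carry the quoted message. The marker phrase is taken from the quote above; the `.htm` extension, the size limit and the sample file names are assumptions.

```python
import tempfile
from pathlib import Path

# Phrase from the note text quoted in the article; real notes may differ.
MARKER = "important files have been encrypted"
# The three formats the article names (.htm is an added assumption).
NOTE_FORMATS = {".txt": "txt", ".html": "html", ".htm": "html", ".vbs": "vbs"}
MAX_BYTES = 256 * 1024  # assumption: ransom notes are small files

def scan_for_notes(directory):
    """Map each note format to the files in `directory` containing MARKER."""
    hits = {}
    for path in sorted(Path(directory).iterdir()):
        fmt = NOTE_FORMATS.get(path.suffix.lower())
        if fmt is None or not path.is_file():
            continue
        try:
            if path.stat().st_size > MAX_BYTES:
                continue
            data = path.read_bytes()
        except OSError:
            continue  # unreadable file: skip it, keep triaging the rest
        # Notes may be UTF-8 or UTF-16; collapse whitespace before matching.
        for enc in ("utf-8", "utf-16"):
            text = " ".join(data.decode(enc, errors="ignore").lower().split())
            if MARKER in text:
                hits.setdefault(fmt, []).append(path.name)
                break
    return hits

def has_full_note_set(directory):
    """True only when TXT, HTML and VBS files all carry the message."""
    return set(scan_for_notes(directory)) == {"txt", "html", "vbs"}

def demo():
    """Scan a constructed sample desktop (file names are made up)."""
    msg = ("Attention! Your documents, photos, databases and other "
           "important files have been encrypted!")
    with tempfile.TemporaryDirectory() as tmp:
        desk = Path(tmp)
        (desk / "note.txt").write_text(msg, encoding="utf-8")
        (desk / "note.html").write_text(f"<p>{msg}</p>", encoding="utf-8")
        (desk / "note.vbs").write_text(f'text = "{msg}"', encoding="utf-16")
        (desk / "todo.txt").write_text("call the vendor", encoding="utf-8")
        return scan_for_notes(desk), has_full_note_set(desk)

if __name__ == "__main__":
    print(demo())
```

A match is a reason to isolate the machine and check its backups, not proof of infection; a clean result does not rule one out, since note wording can change between variants.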

As there is currently no known fix for Cerber, it is critical that businesses (the clear target of the ransomware) avoid falling victim to it, or any phishing-based attack for that matter. To do so, decision makers in companies should implement and enforce the following policies in their day-to-day practices.

  1. Users should be informed of email security best practices, including not running or opening attachments from unknown sources or suspect emails in general.
  2. In case of possible infection, all files should be kept on an isolated backup to prevent data loss. An infected backup is no good, and so it should remain separate from the network to avoid such a circumstance.
  3. Be sure to keep all systems thoroughly updated with the latest versions of all your protections, as malware designers are in a constant race with their programs to outpace those who design protective programs.

To find out more about threats like this affecting your business, subscribe to Macro Systems’s blog.
