CYBER CRIMINALS have targeted Microsoft Office 365 corporate users with another bloody zero-day ransomware attack.
The Cerber ransomware was spread through phishing emails, and encrypted users' documents, photos and files before demanding a ransom to regain access.
The malware even played a spooky stalker-like audio file alongside a warning message on the screen informing victims that their files had been encrypted.
The attack was uncovered by Avanan's cloud security platform on 22 June, and Microsoft detected the attack and started blocking the attachment on 23 June, more than 24 hours later, based on the company's analysis.
Avanan estimated that about 57 per cent of organisations using Office 365 on the firm's security platform received at least one copy of the malware in a corporate mailbox during the attack.
The security firm suggested that the attack used a variation of a piece of malware detected originally on network mail servers in March.
"As it respawned into a second life, this time Cerber was widely distributed after its originator was apparently able to easily confirm that the virus was able to bypass the Office 365 built-in security tools through a private Office 365 mail account," said Avanan chief marketing officer Steven Toole in a blog post.
Cerber was spread through phishing emails, and victims' files were encrypted using the AES-256 and RSA methods, which Avanan said are currently unbreakable. The victim then received a message saying that they needed to pay a ransom of 1.24 bitcoins (currently $810/£608) or $500 to get their files back.
"If Cerber had been allowed to reach these users, for any who opened the attachment it would have executed and the business costs would have been significant," said Toole.