Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Barracuda Advanced Technology Group Tracks 20 Million Ransomware Phishing Attack

    Barracuda Advanced Technology GroupBarracuda Advanced Technology Group says it’s tracking a ransomware threat that has so far spawned about 20 million phishing emails sent to unsuspecting users around the world in the last 24 hours and the threat is growing.

    While most of the emails seem to be originating in Vietnam, other countries with smaller but notable volumes of phishing emails seem to emanate from India, Columbia, Turkey, and Greece – lower volumes are coming from many other countries around the world. According to the security company, “roughly 20 million of these attacks occurred in the last 24 hours, and that number is growing rapidly.”

    Barracuda Advanced Technology Group identified three versions of the phishing emails but note that they seem to iterate through different versions.

    One features the HerbalLife logo. It thanks the addressee for their order and rather “stupidly” says, “please find your tax invoice”. Clearly, these versions are not examples of sophisticated, adept, or crafty social engineers. The attack fits more closely into the pattern of a spray-and-pray volume attack.

    https://blog.barracuda.com/wp-content/uploads/2017/09/herbalife_ss.jpg

    The second email is a generic email from “copier@* (note) attachment.

    https://blog.barracuda.com/wp-content/uploads/2017/09/copier_ss.jpg

    Barracuda observed “These attacks have been morphing throughout the day, but they all use fake source email addresses.  The earliest examples came from Vietnam and Greece. A third variant has appeared in the last couple of hours, which uses the subject line “Emailing – <attachment name>.”

    The common thread is that they all have ransomware attachments.  While these should be easier to spot than the craftier social engineering email, the sheer volume is sure to pick off a fair amount of potential victims who are too busy to think before they click. And that’s exactly what the cyber thieves who launch these volume spam ransomware hope for. It’s a numbers game. Too early to be sure if this is a botnet attack but seems likely.

    Analysis overview

    https://blog.barracuda.com/wp-content/uploads/2017/09/analysis_2.jpg

    Risk assessment

    https://blog.barracuda.com/wp-content/uploads/2017/09/analysis_2.jpg

    Ransomware Hostage Rescue Manual

    Get the most complete Ransomware Manual packed with actionable info that you need to have to prevent infections, and what to do in case you're hit with the nasty UltraDeCrypter or some other nasty ransomware strain..

    Get Your Manual

    Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://info.knowbe4.com/ransomware-hostage-rescue-manual-0

    Source

     

     

    Return To KnowBe4 Security Blog

    Topics: Phishing, Ransomware

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews