There is a new spam campaign targeting Scandinavians that’s spreading nasty ransomware—with a 0% detection rate. Heimdal Security has identified the campaign as the fourth major ransomware campaign in the wild since the beginning of September, including one that compromised 142 million legitimate websites for its cause. This one starts by sending email with an attached Word document to arbitrary recipients. That document contains macros, which, when activated, will download and run the malicious ransomware, encrypting and locking up all files on the PC. In order to decrypt the files and regain access to the data, the victim must first communicate with two different Gmail accounts and pay the ransom. It’s pretty straightforward except for one thing: This spam campaign has managed to completely avoid detection by all of the 57 anti-malware tools listed in VirusTotal. So how to protect oneself? Users should exercise extreme caution when it comes to opening emails from unknown senders—but should also make sure everything on their systems is up to date.
View full story