Cyber Attack with Ransomware hidden inside PDF Documents


England-based Security Software Company Sophos Labs has discovered that a new spam campaign is on the prowl where victims are cyber attacked with ransomware hidden inside PDF documents. And as per the researchers of Sophos Labs, the ransomware gets downloaded and is run by a macro hidden inside a Word Document that is deeply nested inside a PDF doc.

The said ransomware which can be dubbed as a variant of Locky Ransomware evades the anti-virus filters by hiding the macros inside a PDF. In this case, victims are hit by email spam with a PDF attachment. As soon as the victim clicks on the email a PDF doc attached to the email gets opened by the on-system Acrobat Reader in the form of an MS Word Doc. The document then asks the user to enable editing and here’s when the social engineering attack gets launched after a VBA Macro downloads and runs the crypto ransomware.

Fortunately, people can isolate themselves from such ransomware by following the below-specified steps-

Always keep the latest backup copy on hand- It is better to keep the latest backup copy of your data in an encrypted format.

Disable Macros for docs received via email attachments- Last year, Microsoft has deliberately turned off the auto execution of macros by default to the 2016 MS word users. The other previous versions have been executing the same from many years as a security precaution.

Never open unsolicited attachments- Cyber crooks are getting sophisticated year by year and so it is better if web users follow the same. For better protection, never open a document received via email as an attachment unless you are 100% sure.

Always keep your PC updated- Software updates and patches are always essential to protect your PC from such viruses. So, always keep your applications including office, browser and flash up to date with the latest. This helps in weeding out vulnerabilities through which hackers can exploit your entire network.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display