Amit Malik for Netskope: Spider: A New Thread in the Ransomware Web
Extract: “Netskope Threat Research labs has detected new ransomware named Spider propagating in a mid-scale campaign. This ongoing campaign, identified on the 10th December, uses decoy Office documents which usually arrive as email attachments. These attachments are auto-synced to the enterprise cloud storage and collaborations apps.”
The decoy Word document is written in Bosnian.
A Netskope report on Cloud issues notes cases where, when a victim’s cloud-hosted files are encrypted, cloud service users synching to the same folder found their files being encrypted too, even though they weren’t themselves directly compromised by the ransomware. While Netskope’s Jamie Barnett told SC Magazine that “It was a blinding flash of the obvious for us,” it’s obviously a finding that more Cloud users need to take into account.
I’ve already pointed out that
…if your data is backed up somewhere that’s ‘always on’ while you’re using your computer, there’s a risk that ransomware (or other malicious software) might be able to encrypt, delete or corrupt your backed-up data too.
However, it’s important to realize that if you share storage with others, their susceptibility to ransomware may become your problem too.
Resources page updated.