The campaign began on June 22, and Microsoft started blocking the malicious attachment on June 23.
Avanan says the attackers tried to send messages to 57 per cent of the organisations on its security platform using Office 365. Users were sent an Office document that invoked the malware via macros.
The attack used the Cerber ransomware, which first emerged in March. As well as encrypting user files, it takes over the victim’s audio system to read out its ransom note.
Source: New feed