OK, here is something new and really scary.
KnowBe4’s Chief Hacking Officer Kevin Mitnick called me with some chilling news. A white hat hacker friend of his developed a working “ransomcloud” strain, which encrypts cloud email accounts like Office 365 in real time. My first thought was: “Holy $#!+”.
I asked him: “Can you show it to me?”, and Kevin sent this to me a few hours ago. Lucky for us, this ransomware strain is not in the wild just yet, but it’s on the horizon, so this is your heads-up! If a white hat can do this, so can a black hat.
This new strain uses a smart social engineering tactic to trick the user into giving the bad guys access to their cloud email account, with the ruse of a “new Microsoft anti-spam service”.
Once your employee clicks “accept” to use this service, it’s game over: all email and attachments are encrypted in real time! See it for realz here in 5 minutes and shiver:
(NOTE: KnowBe4 uses the Intercom platform to communicate with people who created an account on our website. They redirect links, and if you do not like that—which you shouldn’t—just copy and paste the link in your browser.)