Cisco Blogs
Share
tweet

Jaff Ransomware: Player 2 Has Entered The Game

- May 12, 2017 - 1 Comment

This post was written by Nick Biasini, Edmund Brumaghin and Warren Mercer with contributions from Colin Grady

Summary

Talos is constantly monitoring the email threat landscape and tracking both new threats as well as changes to existing threats. We recently observed several large scale email campaigns that were attempting to distribute a new variant of ransomware that has been dubbed “Jaff”. Interestingly we identified several characteristics that we have previously observed being used during Dridex and Locky campaigns. In a short period of time, we observed multiple campaigns featuring high volumes of malicious spam emails being distributed, each using a PDF attachment with an embedded Microsoft Word document functioning as the initial downloader for the Jaff ransomware. While Cisco customers were already automatically protected against this threat, we decided to take a deeper look at this threat and its possible implications across the threat landscape. We have outlined the infection process and additional relevant information regarding this threat in detail below.

Read More >>

Leave a comment

We'd love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

1 Comments

    Its a wild world out there , Ransomeware as a service are rising by the day. Its about time people.. . If not all those stating cybersecurity as a myth will be the myth .

Share
tweet