2 min read

US Congress blocks Yahoo Mail after wave of ransomware attacks

Graham CLULEY

May 12, 2016

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
US Congress blocks Yahoo Mail after wave of ransomware attacks

The United States of Representatives has taken drastic action in the wake of a series of attempted ransomware attacks against its computers. It is completely blocking Yahoo Mail.

Gizmodo managed to get its paws on a copy of an email sent to House of Representatives staff by its IT department at the end of April, warning that an increase in ransomware attacks had been seen, primarily coming through Yahoo Mail.

Part of the email reads as follows:

In the past 48 hours, the House Information Security Office has seen an increase of attacks on the House Network using third party, web-based mail applications such as YahooMail, Gmail, etc. The attacks are focused on putting “ransomware” on users` computers. When a user clicks on the link in the attack e-mail, the malware encrypts all files on that computer, including shared files, making them unusable until a “ransom” is paid. The recent attacks have focused on using .js files attached as zip files to e-mail that appear to come from known senders. The primary focus appears to be through YahooMail at this time.

The House Information Security Office is taking a number of steps to address this specific attack. As part of that effort, we will be blocking access to YahooMail on the House Network until further notice. We are making every effort to put other mitigating protections in place so that we can restore full access as soon as possible.

Gizmodo reports that an unnamed congressional staffer confirmed that at least one of the ransomware attacks had succeeded in infecting a computer, resulting ultimately in the hard drive being wiped.

Shortly before the warning was sent to staff, congressmen and congresswomen, the FBI issued its own public advisory warning consumers and businesses that ransomware was on the rise – and to ensure that precautionary steps were being taken to either reduce the risk of infection or be able to recover should files be encrypted by attackers.

The fact is that ransomware doesn’t discriminate – it extorts money from individuals around the world, and organisations big and small. Although some ransomware contains bugs that can allow files to be safely decrypted without paying a ransomware, it’s sadly a minority.

The answer, as always, is that prevention is better than cure. Be sure to check out my article on the Bitdefender Business Insights blog for my top tips on how to stop your computers being hit by ransomware.

But aside from defending your systems and ensuring that you are reducing the threat by having an organised, secure backup regime we also need ISPs and webmail providers to play their part in identifying and stamping out attacks.

If ransomware attacks are really being spammed out from Yahoo Mail addresses that does rather suggest that Yahoo isn’t doing the best of jobs preventing criminals from exploiting accounts to engage in malicious activities.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials
Silviu STAHIE

November 26, 2021

1 min read
Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group
Filip TRUȚĂ

November 26, 2021

1 min read
Couple arrested for secretly installing cryptomining software on department store PCs Couple arrested for secretly installing cryptomining software on department store PCs
Graham CLULEY

November 26, 2021

1 min read