Evil ransomware targeting Microsoft Word – here’s how to protect yourself


Security experts have uncovered another terrifying ransomware campaign that is targeting Microsoft Word.

Users have been warned to exercise caution when opening email attachments, regardless of where they have been sent from.

The attack begins when hackers send corrupted PDF files and Word documents as email attachments. When the attachment is opened, it begins to install the ransomware onto the victim’s computer.

Once installed, the ransomware hijacks the device and encrypts all the user’s files before demanding a ransom in order for them to be released.

Word ransomware

However, unlike most cyber attacks of this nature, this new ransomware hides not in just one file but in files hidden within the attachment itself, which makes it even harder to detect.

The ransomware was spotted by cyber security firm Sophos Labs, which reported its findings on its Naked Security Blog.

Sophos Labs said the ransomware is a strain of the dangerous Locky malware.

Sophos Labs explains victims are sent a spam email that includes a PDF attachment. When the PDF file is opened it asks to launch a separate Word document. However, the Word document contains a corrupted Macro file which contains the ransomware.

How to protect yourself

Sophos Labs say there are a number of ways in which Microsoft Word users can protect themselves from the ransomware.

The firm says users should take regular back ups of their files and that the backup is stored away from their main device.

Users are also advised to make sure all software is kept up to date and that latest security patches are installed.

Finally, users need to be cautious about opening email attachments, especially if they are from an address you do not recognise.

This latest threat is the second targeting Microsoft Word in recent weeks.

Earlier this month, McAfee spotted a similar form of ransomware which was disguised as a Word doc.


Comments are closed.