Ma(L)tryoshka

The Russians have long been famous for those lovely Matryoshka dolls: dolls inside of dolls, inside of dolls (etc.), sometimes called Babushkas after the headscarves traditionally worn by the dolls and by Russian grannies.

So famous in fact, that the mighty Kate Bush (no less) wrote a song called ‘Babooshka’. More recently Guy Chambers and Robbie Williams stretched the allusion somewhat in their, in our opinion at least, brilliant ditty ‘Party Like a Russian’!

I’ve got Stoli and Bolly and Molly, so I’m jolly
And I’m always off my trolley, so I never say sorry
There’s a doll, inside a doll, inside a doll, inside a dolly
(Hello, Dolly)
I put a bank inside a car, inside a plane, inside a boat
It takes half the western world just to keep my ship afloat

Well, it seems that Chambers and Williams might have been onto something. This week Sophos Labs has discovered a Russian-originated spam campaign where a variant of the Locky malware is hidden inside a Word document, which in turn is hidden inside a PDF, which in turn is delivered via a nasty phishing email. The delivery is via a macro and, because it is obfuscated by this nesting, it will probably evade antivirus. Very nasty indeed.

You can read the Sophos article here.

Recommendations to prevent infection by this filthy ransomware are the usual:

  • Backup regularly (doh)
  • Don’t enable macros on documents from the outside
  • Don’t open attachments if you aren’t sure of their provenance
  • Patch, patch, patch
  • Use a security tool (guess what? Sophos has one!)
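
The doll-inside-a-doll delivery described above can be flagged before anyone opens the attachment. The following is an added example (not Sophos's code and not from the original post) that does a keyword-level triage of a PDF for an embedded Office document; the name list, extension list, verdict labels and sample bytes are assumptions constructed for illustration.

```python
import re

# Names counted below and the extension list are this example's assumptions.
SUSPECT = ("/EmbeddedFile", "/OpenAction", "/AA", "/JavaScript", "/JS", "/Launch")
OFFICE_EXT = (".doc", ".docm", ".dot", ".dotm", ".xls", ".xlsm", ".ppt", ".pptm")

NAME_RE = re.compile(rb"/[^\x00\s/<>\[\]()%{}]+")            # a PDF name token
HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")                   # #xx escape inside a name
FILESPEC_RE = re.compile(rb"/U?F\s*\(((?:\\.|[^\\()])*)\)")  # /F (name) or /UF (name)

def triage_pdf(data: bytes) -> dict:
    """Flag PDFs that carry an embedded Office document (keyword-level triage)."""
    counts = dict.fromkeys(SUSPECT, 0)
    for raw in NAME_RE.findall(data):
        # Undo #xx escapes so /Embedded#46ile is counted as /EmbeddedFile.
        name = HEX_RE.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")
        if name in counts:
            counts[name] += 1
    names = sorted({n.decode("latin-1") for n in FILESPEC_RE.findall(data)})
    office = [n for n in names if n.lower().endswith(OFFICE_EXT)]
    embedded = counts["/EmbeddedFile"] > 0
    auto_run = counts["/OpenAction"] + counts["/AA"] + counts["/Launch"] > 0
    script = counts["/JavaScript"] + counts["/JS"] > 0
    if embedded and office:
        verdict = "block"    # the doll-inside-a-doll case: Office file inside a PDF
    elif embedded or (auto_run and script):
        verdict = "review"   # attachment or scripted auto-run, no Office name seen
    else:
        verdict = "pass"     # nothing visible to a raw scan
    return {"verdict": verdict, "office_files": office, "counts": counts}

# Constructed, inert samples: PDF skeletons only, no document or macro inside.
SAMPLE_NESTED = (
    b"%PDF-1.5\n"
    b"1 0 obj << /Type /Catalog /Names << /EmbeddedFiles 2 0 R >> /OpenAction 5 0 R >> endobj\n"
    b"3 0 obj << /Type /Filespec /F (invoice.docm) /EF << /F 4 0 R >> >> endobj\n"
    b"4 0 obj << /Type /Embedded#46ile /Length 0 >> stream\nendstream endobj\n"
    b"5 0 obj << /S /JavaScript /JS (placeholder) >> endobj\n%%EOF\n"
)
SAMPLE_PLAIN = b"%PDF-1.4\n1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n%%EOF\n"

if __name__ == "__main__":
    for label, pdf in (("nested", SAMPLE_NESTED), ("plain", SAMPLE_PLAIN)):
        print(label, triage_pdf(pdf))
```

A raw scan like this cannot see objects stored inside compressed object streams, so "pass" means nothing was visible, not that the file is clean.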

We actually love the work of Sophos’ Naked Security. They have some good general advice about Ransomware here.

If you would like to discuss the perils of Ransomware or anything about information security in general, please contact us at: [email protected] or call 020 7517 3900. In the meantime, enjoy the bank holiday weekend. Why not take Robbie’s advice and ‘Party Like a Russian’? Babooshka-ya-ya!