Ransomware dangers continue to circulate in-the-wild.  SHRM is a major Human Resources professional networking site.  It shares the risks associated with a new Petya variant, this is targeting companies via infected job applications.


HR departments are being targeted by a new ransomware attack that comes disguised as a job application.  The cybercriminals behind the attacks demand about $1,000 in digital currency called bitcoin to restore data on infected computers, according to a recent blog post by Check Point Software.   One bitcoin is worth roughly $894, according to Coindesk, a site that tracks news and information about digital currencies.

Once an applicant applies for a job by filling out the online application, they may be asked to e-mail additional files. The malware arrives in an e-mail with two attachments—a benign PDF that appears to be an applicant’s cover letter and an Excel file containing infected macros—reported Check Point, a San Carlos, Calif.-based malware-protection firm. This ransomware is a variant of one called Petya, which was developed by a cybercriminal who goes by the name Janus, according to Check Point.

Victims receive a ransom message on their screen telling them that their hard disk has been “infected with a military grade encryption algorithm. There is no way to restore your data without a special key” that only the cybercriminals can provide.

Petya and other malware are sold as ransomware-as-a-service products, so it’s “very likely” that more than one cybercriminal is using this type of malware, Check Point said.  To avoid a malware infection, ZDNet advises, don’t enable macros on Microsoft Office documents and watch for unanticipated or notably generic e-mails.  “The most effective solution revolves around security awareness training, specifically utilizing phishing simulation training”