Seeing successful attacks as frequently as one per day, the creators of ProLock seek out larger organizations using the QBot trojan to infiltrate, spread throughout, and infect a network.
What starts as yet another phishing attack that uses a weaponized VBScript via Office documents turns out to be a far more invasive attack that brings operations to its’ knees and organizations considering reaching for their wallets.
According to security researchers at Group-IB, ProLock’s evolution from a failed prior iteration under the name PwndLocker has yielded a bit of malware so effective in its ability to perform network reconnaissance and lateral movement, its creators are big game hunting for organizations across both North America and Europe, looking to take down the largest of ransoms.