UCL ransomware attack traced to malvertising campaign
Security Week | June 22, 2017
Security researchers have suggested that the ransomware attack on University College London last week was spread through a "malvertising" campaign. Proofpoint reckons the AdGholas group spread the infection using malware-tainted online ads. This was a "zero-click required" campaign that could infect users who simply visited a compromised site1. More specifically, the Astrum Exploit Kit was used to deliver the Mole ransomware, Proofpoint said. Mole is a member of the CryptFile2/CryptoMix ransomware family.