Kaseya Community

KAV Fails: Massive Volume of Ransomware Downloaders being Spammed

  • We are currently seeing extraordinarily huge volumes of JavaScript attachments being spammed out, which, if clicked on by users, lead to the download of ransomware. Ransomware encrypts data on a hard drive, and then demands payment from the victim for the key to decrypt the data.

    Unfortunately, Kaspersky antivirus does not intervene, which results in entire organizations becoming infected.

    Why does Kaspersky not intervene?

    The virus is called: Locky

  • Hi,

    We experienced the same problem. Locky and TeslaCrypt 3.0 were not detected by Kaspersky. We got a lot of trouble because of that... and because of the def files from Kaspersky not updating. Do your clients use mail security?

  • For a large portion of our clients that utilize domain or Exchange email, we use Proofpoint's spam filtering, which, depending on the level of service you wish to sell, even includes link-checking ability. This has saved a large number of clients lots of dreadful problems. Currently disappointed with the KAV update issue that we've been experiencing for the last several weeks; as an MSP, it's unacceptable. Really hoping all gets resolved in the future updates/releases.

  • We use Proofpoint as well. The KAV module is a mess; we moved away from KAV completely a few months ago. As for the JavaScripts, do you have some examples of what they are naming them? Just curious.

  • What AV did you move to if you don't mind me asking? We are weighing out options.

  • We use Kaspersky Security Center, not the Kaseya module one. Kaspersky does offer mail scanning along with many other AV modules.

  • It looks like we got lucky where KAV did catch the Locky.bz file on one of our computers and deleted it. Has anyone used Exchange Online Advanced Threat Protection for mail protection?

  • @wellbornsteak We moved to Bitdefender (not the integrated version). They have a standalone cloud-based management page that has been great. Gives a ton of options, from web filtering to application control to device control. Most importantly, it displays accurate information and updates.

    typo's are fun
    [edited by: justing at 7:03 AM (GMT -7) on Mar 22, 2016]
  • Wellbornsteak,

    Bitdefender - We opted to use the version that is NOT integrated into Kaseya, and used the cloud-based version instead. This was recommended by the people over at Bitdefender.