Beware of Ransomware Attacks! Cyberthieves are Exploiting Windows Print Spooler Vulnerabilities


Ransomware attacks are perhaps the most dangerous cyber threats. New data suggests that these attacks are on the rise, which means that people should do their best to protect their gear.

According to ZDNet.com, dangerous groups were found exploiting vulnerabilities in Windows Print Spooler to launch ransomware attacks. We’re talking about the service used for copying data between devices to manage printing.

The code execution vulnerabilities are known as CVE-2021-1675 and CVE-2021-34527. Attackers use them to run arbitrary code, which lets them install programs, change and delete data, and create new accounts with full user rights.

Payments demanded for a decryption key

The attacks follow the familiar ransomware pattern. The cyberthieves compromise networks and encrypt files and servers, then promise to give the victims the decryption key only in exchange for money.

Cybersecurity researchers from Cisco Talos explained in a blog post:

The use of the vulnerability known as PrintNightmare shows that adversaries are paying close attention and will quickly incorporate new tools that they find useful for various purposes during their attacks.

Multiple distinct threat actors are now taking advantage of PrintNightmare, and this adoption will likely continue to increase as long as it is effective.

Liviu Arsene is the CrowdStrike director of threat research and reporting. He offered some useful advice, as quoted by ZDNet.com:

We encourage organizations to always apply the latest patches and security updates to mitigate known vulnerabilities and adhere to security best practices to strengthen their security posture against threats and sophisticated adversaries.

An antivirus will rarely do the trick when it comes to ransomware attacks, if you ask us. The best way to stay protected is your own vigilance. Keeping your software up to date and avoiding any link that seems suspicious, especially those received via email from unknown sources, are great ideas in this context.

Cristian Antonescu