[Tech-l] Malware and Phishing Alert - Targeted Attacks in SW Ohio

Thor Sage sage at mveca.org
Sun Feb 25 00:49:53 EST 2018 

Good Evening,
A significant and targeted malware and phishing attack is being reported in at least two Southwest Ohio school districts.  The districts are not part of the MVECA network, however, all precautions should be taken to avoid any additional breaches.  An unidentified malware program, that was not picked up by district anti-virus scans, infected multiple computers on district networks.  The malicious program then collected any and all online banking information entered on the infected devices.  Once the data was collected, phone callers then attempted coax account PIN numbers from treasurer's office staff and others.  Fortunately, because of the security awareness of support staffers, no additional information was given to the attackers.  The attack also is reported to have utilized some form of spoofed banking site.  It is believed that both school accounts and personal bank accounts of some employees were in jeopardy.
The districts are reportedly working with state and federal authorities to identify the source of the malware.  It is important to note that the malware type is new and undetectable by some anti-virus applications.  The only known recovery is a complete wipe of the infected system.
This is everything we know at this time.  We will pass on any additional information we can get to hopefully include the type of anti-virus that was defeated and updates needed to protect against the malware.
As always we urge all organizations to train staff on cyber-security concepts, ensure anti-virus applications are up-to-date, and verify that all critical data is backed-up and retrievable.
Thank you,
Thor


Thor Sage
Executive Director
Miami Valley Educational Computer Association
937-767-1468  x3101
[http://www.mveca.org/images/logo.gif]<http://www.mveca.org/>       [i] <https://www.linkedin.com/company-beta/3947840/> [t] <https://twitter.com/mvecarcog> [f] <https://www.facebook.com/MVECA-707401659416692/>
Not-for-profit Technology Services for Education and Local Governments



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listserv.mveca.org/pipermail/tech-l/attachments/20180225/e9e66543/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 3184 bytes
Desc: image001.jpg
URL: <http://listserv.mveca.org/pipermail/tech-l/attachments/20180225/e9e66543/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 1229 bytes
Desc: image002.jpg
URL: <http://listserv.mveca.org/pipermail/tech-l/attachments/20180225/e9e66543/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.jpg
Type: image/jpeg
Size: 1197 bytes
Desc: image003.jpg
URL: <http://listserv.mveca.org/pipermail/tech-l/attachments/20180225/e9e66543/attachment-0002.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.jpg
Type: image/jpeg
Size: 1194 bytes
Desc: image004.jpg
URL: <http://listserv.mveca.org/pipermail/tech-l/attachments/20180225/e9e66543/attachment-0003.jpg>

More information about the Tech-l mailing list