On October 24, 2019 it became known that the Russian companies began to face viruses which extend under the guise of accounting documents in large quantities.
According to Kommersant with reference to Check Point Software Technologies company, in September, 2019 with the end of the period of holidays in Russia became more active the malware under the name Pony which took the second place by the number of incidents. It extends by e-mail via harmful files with the.exe expansion in the letters imitating accounting requests.
Subjects and names of similar letters were called approximately so: "The closing documents Tuesday" and "Documents September". Pony is capable to abduct credentials of users, to monitor system and network transactions, to install additional malware and to turn devices into a botnet.
"Early autumn — time when the season of holidays comes to an end, employees return to offices and the number of communications increases. Malefactors monitor all trends and adapt to them — the chief representative of Check Point Software Technologies in Russia and the CIS Vasily Dyagilev says. — It is important that the companies told the employees about methods of malefactors: about phishing letters, harmful investments, transition according to doubtful links and other. It is necessary to set solutions on information security of the last generation which will be able to take automatically suspicious content from e-mails still before it reaches employees."
To be protected from Pony and similar viruses, experts advise to use the simplest and efficiently — to activate content filtering in settings of mail. In particular, it is necessary to disconnect a possibility of file transfer, requiring installation.