Beware of Spider's ransomware web
A ransomware named Spider is claiming victims with fraudulent documents that will result in a hefty debt collection. These documents are usually stored as an email attachment then automatically synced into cloud storage.
The documents found were written in Bosnian, which suggests that Bosnia and Herzegovina was the targeted region. But the files can be translated once encrypted so any any region can be a victim.
Once infected by Spider, the victim is given 96 hours to pay the ransom - a somewhat generous and odd time frame. Spider then will build a trust with the victim by supplying step-by-step videos on how to make the payment and ensuring that all files will be returned.
Despite that Spider is most likely the politest ransomware on the web, its emergence proves that ransomware is evolving and any type of organization can be a victim. Users should disable macros by default to avoid getting captured by Spider and also be cautious of documents that request the disabling of macros to view the contents, especially that from unfamiliar sources.