‘IceID’ malware shocks US Universities

http hyperlink
Monday, April 12, 2021

A malware designed to destroy your personal computer is taking major U.S. Universities by storm. Coast-to-coast, higher education is feeling the chill of the trojan malware known as IceID.

The good news is, University computers are protected. An application called Cisco AMP blocks malware in real-time on University-managed devices, according to Mac McGaughy, the chief information security officer at UNC Charlotte. But the same cannot be said for personal devices.

How IceID strikes 

  1. You're working from a personal computer. 
  2. You receive an email containing a submission to a contact form. 
  3. The email body contains an urgent request to click a legitimate Google URL. 
  4. You click on the Google URL. 
  5. Suppose you have administrator privileges to update your device settings, etc. In that case, your device will download a .DAT file with the malware and hacking tools called Cobalt Strike, and cybercriminals will have access to your data.

IceID is particularly tricky because the email links to an actual Google URL, forcing end-users to be more careful than ever. Experts urge end-users and security teams to take an active role in lessening cyberattacks. "Mitigating these attacks requires more than just security tools; it requires user education and culture change," said McGaughy. 

Shield your PC from IceID

  1. Download and install anti-virus software to your personal computer from software.uncc.edu.
  2. Question any email from outside your usual contacts in which you feel rushed to click on a link
  3. Be especially careful with directions you receive from contact form submissions. 

If you suspect that you may have received an email designed to deceive you, immediately forward the email to spam@uncc.edu and then delete it.