14 DAY TRIAL // Systems administrators for the House of Representatives have temporarily banned the usage of Yahoo's Mail service after saying the service has failed to detect mass phishing attacks spreading ransomware.
According to an internal email sent by the Technology Service Desk to the house staff on April 30, the system administrators revealed an increase of ransomware attacks on the house's IT network.
An anonymous source told Gizmodo that a ransomware infection affected at least one computer. The source said the IT staff managed to isolate it before allowing it to spread.
Staff claims that attackers sent phishing emails claiming to be from known senders. Attackers used both Yahoo Mail and Gmail services, but predominantly Yahoo.
The emails contained malicious JavaScript files inside ZIP file attachments, a known method of infection, used by many ransomware variants and other types of malware.
The house staff said the Yahoo Mail service will remain blocked until further notice. They also said mitigations to prevent future attacks are also being put into place.
Prior to affecting the House of Representatives, ransomware has also made victims among hospitals, water supply centers, churches, police centers, courthouses, schools, and various other institutions. In most cases, affected organizations had to pay the ransom to unlock the affected computers.
The most famous ransomware using malicious JavaScript files packed inside ZIP files is named Locky. The ransomware is currently undecryptable.
Below is the email, obtained by Gizmodo. [UPDATE: Reuters also reported that four days later, the house IT staff also banned Google App Engine apps - appspot.com.]