Microsoft has warned customers to be vigilant after the attack on Outlook email accounts.
The malware, dubbed ‘Owl’, is also being linked to a similar attack on Dropbox, and a recent spate of ransomware attacks on businesses.
In a blog post, Microsoft says that the ransomware, which has been described as a “man-in-the-middle” attack, was first detected on Microsoft’s Exchange server.
The vulnerability was discovered on August 28th, and Microsoft says the attack appears to be limited to Outlook.com.
The company has warned that if you have an Outlook account, you should consider changing passwords.
Microsoft has also said that it is “committed to finding and fixing these threats quickly” and that it has a zero-day vulnerability bounty for “the most urgent and serious threats”.
The company says it is also “investigating the possibility that this attack was a pre-planned operation by a third party”.
Microsoft’s Outlook account management service can be accessed via the Outlook.net domain.
Microsoft is also advising users to change their passwords on the company’s cloud service.
“If you have any Outlook accounts or other Microsoft services on your computer, you may need to change your passwords to protect your accounts, especially if you use your personal or business email,” the company said.
Microsoft also said it has received “several reports” of the virus causing issues with Microsoft Office, which may be the reason for the ransomware being so prevalent.