Sounds like FUD.
The linked-to article goes to great lengths to tell you all the ways in which the attack might destroy your system's integrity & that there's "nothing you can do about it - infection is inevitable". It refuses to give any substantive means of protecting oneself, but ALSO claims that their AV product already protects against the attack. Any AV/Malware/Scumware agent that screams about a new attack, fails to say how to protect against it, and then claims that their own product is the "only way to be safe" smacks of FUD of the scummiest sort.
How does it get on the computer? In two parts: part one is a dropper that later downloads the malicious parts. Ok, but how does the dropper get on? What's the dropper called? What do we need to look for in order to find out if we're infected? What processes do we need to look for to see if it's running on our machine?
It bypasses UAC, EMET, AV (except their own), and Windows' own security to create a second User Account with RDP privs. What's the Account name? How does it create the account if the SysOp has configured Windows to require something other than the default Admin password to create such accounts? What if the RDP function has been Disabled as a Service? Does the attack turn it back on? What if it needs a password in order to do that?
They tell you to look for unusual malicious traffic on your network as an indicator of the infection, but then fail to say what KIND of traffic. Are we talking specific protocols/ports to specific IPs/URLs? Is this something that can be blocked via the Hosts file? By a properly configured router/firewall/NAT layer?
The whole thing just smells of FUD. If I'm wrong then I'll admit it, but if I *am* then why haven't these guys given us any means by which to deflect the attack, mitigate it once it's infected, or how to clean it off if it has? Telling us that their AV product already protects us from it without telling us HOW makes me think "BULLSHIT!"