Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ransomware Hits Three Indian Banks, Causes Millions In Damages (malwarebytes.org)

Posted by timothy on from the pretty-soon-talking-real-money dept.

An anonymous reader writes: Ransomware has locked computers in three major Indian banks and one pharmaceutical company. While the ransom note asks for 1 Bitcoin, so many computers have been infected that damages racked up millions of dollars. According to an antivirus company that analyzed the ransomware, it's not even that complex, and seems the work of some amateur Russians.

17 of 76 comments (clear)

  1. HAW HAW by Anonymous Coward · · Score: 4, Funny

    And now those jackasses will have to call tech support in India and the shit will REALLY hit the fan.

    1. Re: HAW HAW by Anonymous Coward · · Score: 2, Funny

      Yeah they don't segregate as well as New York and Chicago do.

    2. Re: HAW HAW by Mashiki · · Score: 2

      Oh sweet child how little do you know. My neurologist(here in Canada) these days primarily handles patients from India, and has a secretary that natively speaks Hindi. Even her secretary can't understand them.

      --
      Om, nomnomnom...
    3. Re:HAW HAW by Billly+Gates · · Score: 3, Funny

      Have they tried rebooting their mission critical servers?

      --
      http://saveie6.com/
    4. Re: HAW HAW by Tablizer · · Score: 2

      I've heard it's a status symbol in parts of India to talk fast. There's less pressure on clarity. I found out because I suggested to an H1B co-worker that he try to talk slower. He said he didn't want to because a slower habit would make it harder to find a wife when he got back home to India.

      --
      Table-ized A.I.
    5. Re: HAW HAW by nikkipolya · · Score: 4, Informative

      They have surpassed billion (US) dollar levels. Mumbai is the worlds 9th most costliest city in terms of real-estate prices (http://www.telegraph.co.uk/finance/property/pictures/8892109/In-pictures-The-worlds-20-most-expensive-cities-to-buy-property.html?image=11).

    6. Re: HAW HAW by Anonymous Coward · · Score: 2

      That's not necessarily because she can't understand the others' Hindi. Not everybody in India even speaks Hindi, there being more than 22 constitutionally recognized languages and more than 122 major languages

    7. Re: HAW HAW by CronoCloud · · Score: 2

      Of course she can't, India has MANY "official" languages. It's why English is sometimes the only common language Indians of different regions speak.

      India could save itself a LOT of trouble by just making English the "One and Only" official language, but they won't do it because of hard feelings about the Colonial period.

  2. Not too shocking by Shoten · · Score: 5, Informative

    Most of these ransomware packages can traverse laterally within an org; they run in the rights context of the user on the first infected computer and use that to infect other systems, spreading within the local network. So if you don't have your permissions properly set up (having "Domain Users" in the local Administrators group on your desktops as a matter of standard, for example), it's a cakewalk for the malware to hit everyone.

    --

    For your security, this post has been encrypted with ROT-13, twice.
    1. Re:Not too shocking by thegarbz · · Score: 2

      Define "properly". Having domain users in the local administrators group can save a small fortune in IT related support costs in many scenarios. It just needs to be weighed against the potential risks.

      I would imagine that the potential risks for randsomware hitting an organisation with proper IT support should be minimal... unless someone isn't doing their backups properly.

      When everyone goes home at night, re-image all PCs, and restore backups. That shouldn't cost $1m.

  3. That word by Barny · · Score: 5, Insightful

    "Amateur Russians."

    If they are actually making money from this, then they are firmly in the "professional" bracket.

    --
    ...
    /me sighs
    1. Re:That word by sjames · · Score: 4, Funny

      They are professional malware distributors. Nobody pays them to be Russians :-)

    2. Re:That word by turbidostato · · Score: 5, Insightful

      "Amateur Russians."

      And that means the headline is wrong. It says "Ransomware Hits Three Indian Banks, Causes Millions In Damages" when it should say instead "Incompetence Hits Three Indian Banks, Causes Millions in Damages".

      When some amateurs from a different country can wreak havoc in three different financial institutions the cause is not whatever the amateurs have done but gross incompetence.

  4. if there's a way they can get paid.... by iggymanz · · Score: 2

    there is a way they can be hunted down and killed. take pictures of the corpses and post them, send the message.

    1. Re:if there's a way they can get paid.... by thegarbz · · Score: 2

      Who the randsomware authors or the Indian bank employees who keep calling me?

  5. What security? by PhunkySchtuff · · Score: 4, Informative

    According to the linked article from Malwarebytes:

    It is different than most of the ransomware present nowadays. Instead of spreading to users and automatically infecting their machines, LeChiffre needs to be run manually on the compromised system. Common scenario of infection is that attackers are automatically scanning network in search of poorly secured Remote Desktops, cracking them, and after logging remotely they manually run an instance of LeChiffre.

    Just how good is their security if something that has to be manually run on each system has completely pwned them?

    --
    Specialist Mac support for creative pros, Melbourne
  6. Fake news by ajyand · · Score: 5, Insightful

    Fake news just based on word of mouth. Take a look at the original article referenced in the referenced article and you'll know that not a single aspect of the news is verifiable. No company has been named. No people have been named. Just one person's statement has been bloated into a short article.