Slashdot Mirror


Ransomware Hack Targeting 2 Million an Hour (axios.com)

New submitter Zorro writes: A ransomware attack sweeping the globe right now is launching about 8,000 different versions of the virus script at Barracuda's customers, Eugene Weiss, lead platform architect at Barracuda, told Axios, and it's hitting at a steady rate of about 2 million attacks per hour. What to watch out for: An incoming email spoofing the destination host, with a subject about "Herbalife" or a "copier" file delivery. Two of the latest variants Barracuda has detected include a paragraph about legalese to make it seem official, or a line about how a "payment is attached," which tricks you to click since, as Weiss puts it, "everyone wants a payment."

38 comments

  1. Does it run on Linux? by Anonymous Coward · · Score: 0

    If not, I'm out of luck. Clicking will have no effect. :(

    1. Re:Does it run on Linux? by Anonymous Coward · · Score: 1

      Nothing that makes money runs on Linux...

    2. Re:Does it run on Linux? by sirber · · Score: 1

      even via wine? I'm shocked.

      --
      Be or ben't
    3. Re:Does it run on Linux? by Anonymous Coward · · Score: 0

      Nothing that makes money runs on Linux...

      You're right! All of those stupid Android phones and pesky web servers amount to shit.

    4. Re:Does it run on Linux? by Anonymous Coward · · Score: 0

      Except, ya know like 70% of all embedded devices out there...

    5. Re:Does it run on Linux? by Anonymous Coward · · Score: 0

      "Update 9/19/17 6:30pm PST: Barracuda researchers have confirmed that this attack is using a Locky variant with a single identifier."
      Locky is Windows Crap.
      What is even stupider than msmash's utter torpitude in not even spending a minute to vet this rubbish out, is that the Axios "Oh-Nos!" Stock Photo is of somebody typing away on a... Macbook keyboard.
      What a bunch of pond slime. (Sorry if I offended any real Pond Slime out there.)

  2. Bullshit story by Anonymous Coward · · Score: 5, Insightful

    This article is bullshit and is written by a person with zero technical skills. Ransomware is not targeting 2 million users per hour. A spam botnet is sending 2 million emails per hour (which I don't believe either, average is 20K-100K per spam botnet). The emails carry file attachments that deploy ransomware. About 10% of spam emails are opened, and about 1% actually yield infections. ... I could go on breaking down every stupidity contained in that article.... but I actually have better things to do. This comment right here is more informative compared with the linked article.... which, btw, is based on reporting from a company that provides backup solutions. If this came from Bitdefender or Kaspersky, this would actually be credible.

    1. Re:Bullshit story by Anonymous Coward · · Score: 0

      Their CEO denied those rumors, so FAKE NEWS!!!

    2. Re:Bullshit story by Anonymous Coward · · Score: 0

      was the "fake news" really necessary? It makes you look like a politically motivated troll.

    3. Re:Bullshit story by Anonymous Coward · · Score: 1

      But there's totally no political motivation behind "don't trust Kaspersky cuz omg Russia"?

    4. Re: Bullshit story by Anonymous Coward · · Score: 0

      Can you clarify what you mean by that? Are you saying that Russia isn't an authoritarian regime with a history of strong-arming businesses? Or that their intelligence services don't have an extensive history of hacking for political and economic gain?

    5. Re: Bullshit story by Anonymous Coward · · Score: 0

      The same can be said about US services. Or any other country that has working globally reaching 'intelligence' services.

    6. Re:Bullshit story by khz6955 · · Score: 1

      Yea, it's sad seeing Slashdot reduced to spouting these kind of clueless technically illiterate articles.

      Anonymous Coward: "This article is bullshit and is written by a person with zero technical skills. Ransomware is not targeting 2 million users per hour. A spam botnet is sending 2 million emails per hour (which I don't believe either, average is 20K-100K per spam botnet). The emails carry file attachments that deploy ransomware. About 10% of spam emails are opened, and about 1% actually yield infections. ... I could go on breaking down every stupidity contained in that article.... but I actually have better things to do. This comment right here is more informative compared with the linked article.... which, btw, is based on reporting from a company that provides backup solutions. If this came from Bitdefender or Kaspersky, this would actually be credible."

  3. That's gonna keep creimer busy! by Anonymous Coward · · Score: 0

    He is a miracle-level IT deity, after all. With a single Python script, he'll fix the malware problem, and since he works faster than 20 regular IT deities he'll also clean up any storage closets he finds. And don't ever wear a hardhat around him; he'll escort you right off the property!

    1. Re:That's gonna keep creimer busy! by Anonymous Coward · · Score: 0

      What's a creimer?

    2. Re: That's gonna keep creimer busy! by Anonymous Coward · · Score: 1

      A dev making 50K on the west coast.

    3. Re: That's gonna keep creimer busy! by Anonymous Coward · · Score: 0

      LOL yeshhhh I love it. Updated info as well. The hard hat part happened today. Please keep it up, you are doing slashdot a service. I'm a fellow Creimer troll, so from one to another, thank you for your service.

    4. Re: That's gonna keep creimer busy! by Anonymous Coward · · Score: 0, Troll

      Raging faggots the lot of you. All trolls, but especially trolls who gang up on one loser. Just leave him alone and he will fade, right now you guys just inspire him to do more.

    5. Re: That's gonna keep creimer busy! by Anonymous Coward · · Score: 0

      Once you manage to make one of these actually funny you should make sure you quit so you go out on top.

  4. hacked by hackers with hacks! by Anonymous Coward · · Score: 0

    Thanks so much for another content-free bit of scaremongering.

    If you had something substantial to say you wouldn't have needed to resort to empty scare-words. But what can you expect from "experts" whose best advice is "DO NOT CLICK ON THE EMAIL!" What's this, hollywood or something? Why don't you just say "security override" and all your problems go away then? Oh that's right, that's not how security works. But you like to pretend, don't you.

    1. Re:hacked by hackers with hacks! by Killall+-9+Bash · · Score: 1

      "DO NOT CLICK ON THE EMAIL!"

      Pretty much the only useful info. Anything beyond that is scaremongering and / or snake oil.

      --
      "Prediction: within 10 years, Windows will be a Linux distribution." Me, 7-6-2016
  5. Does it run on Linux by CustomBuild · · Score: 0

    This particular flavor doesn't, but Linux is not lacking in malware, root kits and ransom ware.

  6. Herbalife?! by Anonymous Coward · · Score: 1

    The hackers are using social engineering to get people to click. That's increasingly becoming a trend, per Weiss. It's "less pure technical hacks" and instead using psychological tactics "get someone to click on something they shouldn't be."

    And Herbalife in the subject line. Targeting folks who think multi-level marketing is a good thing. And doing a search on multi-level marketing companies means this hack is going to be around a long time.

    I guess the Nigerian prince thing has run its course?

  7. my firefox browser crashes several times a day by Anonymous Coward · · Score: 0

    ubuntwho? looks like a self defense 'feature'?... i like it.. part of our (r)evolution.. script along... https://www.youtube.com/watch?v=rvNkp5IUQdg

  8. It's hitting everyone... by iCEBaLM · · Score: 1

    ... just Barracuda wrote a blog about it.

  9. Pretty common by roc97007 · · Score: 2

    This type of vector (payment included or here's your fax or you have a voicemail) is pretty common. I've noticed a significant increase lately, zipped with 7zip, which might be this payload. (I don't have any interest in finding out.) Part of me wants to ask, does anyone actually fall for these? But of course, that's a stupid question.

    --
    Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
  10. Wait, this relies on opening an attachment? by JohnFen · · Score: 5, Insightful

    Who, in this day and age, opens unsolicited attachments??

    Even my most tech-averse friends don't do that. The thing I have to remind them about nowadays is that they also shouldn't open attachments from people they know unless they've confirmed those people intended to send them.

    1. Re:Wait, this relies on opening an attachment? by Anonymous Coward · · Score: 0

      Accounts Payable departments, for one, get unsolicited attachments all the time in all sorts of formats.

  11. Only Barracuda customers by mwvdlee · · Score: 1

    As long as it's only for Barracuda customers, then it's a good thing!
    Would be nice to get rid of those blackmailing, lying bastards.

    --
    Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
  12. Not a nation-state? by kaoshin · · Score: 1

    From TFA, "It's likely not a nation-state perpetrating the hack, since the hackers' motives are financial. Instead it's a small, sophisticated group of criminals."

    Really? Lazarus, believed to be linked to North Korea, is said to be responsible for numerous hacks against banks for the last couple of years including that 81 million dollar theft from Bangladesh central bank. Sure, it was Kaspersky who established that link, so consider the source. Even if they aren't nation-state supported though, there is every reason in the world to believe that NK has financial motives right now, especially on the heels of very tough economic sanctions. It seems a bit ridiculous for anyone to so quickly rule out a nation-state supported hack.

    1. Re:Not a nation-state? by Anonymous Coward · · Score: 0

      North Korea is not desperate for money, they are desperate for resources. With sanctions in place money buys them nothing as no one will trade with them.

    2. Re:Not a nation-state? by kaoshin · · Score: 1

      Hacking banks could allow them to move money to circumvent those sanctions. That is when banks aren't outright collaborating with them to do so. Let's say you are right though, and they don't have any willing trade partners who would trade with them despite sanctions. Why then, do we keep hearing about them making continued efforts to dodge sanctions to avoid trade restrictions? It isn't like there isn't a precedent for countries ignoring sanctions against them.

  13. Customer attacking ransomware virus script .. by khz6955 · · Score: 1

    Any idea as to the Operating System that is required in order for this customer attacking ransomware virus script to execute?

    1. Re:Customer attacking ransomware virus script .. by Anonymous Coward · · Score: 0

      Windows, delivered by a VB Script. But note the Axios Stock Photo. A Macbook.
      What a bunch of maroons.

  14. For you doubters by Anonymous Coward · · Score: 0

    https://blog.barracuda.com/2017/08/31/active-ransomware-attack-uses-impersonation-and-embedded-advanced-threats/

    Funny how 30secs of research beats out a 5-min diatribe where the person spouts out things as if they know what they are talking about.

  15. Not actually a hack... by Anonymous Coward · · Score: 0

    Just users infecting themselves by running malware. As a US based IT Sys. Admin, I would personally like to request that virus authors create a virus to infect VOIP systems to put all of the outsourced Help Desks in India out of business.