Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ransomware Hack Targeting 2 Million an Hour (axios.com)

Posted by msmash on from the security-woes dept.

New submitter Zorro writes: A ransomware attack sweeping the globe right now is launching about 8,000 different versions of the virus script at Barracuda's customers, Eugene Weiss, lead platform architect at Barracuda, told Axios, and it's hitting at a steady rate of about 2 million attacks per hour. What to watch out for: An incoming email spoofing the destination host, with a subject about "Herbalife" or a "copier" file delivery. Two of the latest variants Barracuda has detected include a paragraph about legalese to make it seem official, or a line about how a "payment is attached," which tricks you to click since, as Weiss puts it, "everyone wants a payment."

15 of 38 comments (clear)

  1. Re:Does it run on Linux? by Anonymous Coward · · Score: 1

    Nothing that makes money runs on Linux...

  2. Bullshit story by Anonymous Coward · · Score: 5, Insightful

    This article is bullshit and is written by a person with zero technical skills. Ransomware is not targeting 2 million users per hour. A spam botnet is sending 2 million emails per hour (which I don't believe either, average is 20K-100K per spam botnet). The emails carry file attachments that deploy ransomware. About 10% of spam emails are opened, and about 1% actually yield infections. ... I could go on breaking down every stupidity contained in that article.... but I actually have better things to do. This comment right here is more informative compared with the linked article.... which, btw, is based on reporting from a company that provides backup solutions. If this came from Bitdefender or Kaspersky, this would actually be credible.

    1. Re:Bullshit story by Anonymous Coward · · Score: 1

      But there's totally no political motivation behind "don't trust Kaspersky cuz omg Russia"?

    2. Re:Bullshit story by khz6955 · · Score: 1

      Yea, it's sad seeing Slashdot reduced to spouting these kind of clueless technically illiterate articles.

      Anonymous Coward: "This article is bullshit and is written by a person with zero technical skills. Ransomware is not targeting 2 million users per hour. A spam botnet is sending 2 million emails per hour (which I don't believe either, average is 20K-100K per spam botnet). The emails carry file attachments that deploy ransomware. About 10% of spam emails are opened, and about 1% actually yield infections. ... I could go on breaking down every stupidity contained in that article.... but I actually have better things to do. This comment right here is more informative compared with the linked article.... which, btw, is based on reporting from a company that provides backup solutions. If this came from Bitdefender or Kaspersky, this would actually be credible."

  3. Re:Does it run on Linux? by sirber · · Score: 1

    even via wine? I'm shocked.

    --
    Be or ben't
  4. Re: That's gonna keep creimer busy! by Anonymous Coward · · Score: 1

    A dev making 50K on the west coast.

  5. Herbalife?! by Anonymous Coward · · Score: 1

    The hackers are using social engineering to get people to click. That's increasingly becoming a trend, per Weiss. It's "less pure technical hacks" and instead using psychological tactics "get someone to click on something they shouldn't be."

    And Herbalife in the subject line. Targeting folks who think multi-level marketing is a good thing. And doing a search on multi-level marketing companies means this hack is going to be around a long time.

    I guess the Nigerian price thing has run its course?

  6. It's hitting everyone... by iCEBaLM · · Score: 1

    ... just Barracuda wrote a blog about it.

  7. Re:hacked by hackers with hacks! by Killall+-9+Bash · · Score: 1

    "DO NOT CLICK ON THE EMAIL!"

    Pretty much the only useful info. Anything beyond that is scaremongering and / or snake oil.

    --
    "Prediction: within 10 years, Windows will be a Linux distribution." Me, 7-6-2016
  8. Pretty common by roc97007 · · Score: 2

    This type of vector (payment included or here's your fax or you have a voicemail) are pretty common. I've noticed a significant increase lately, zipped with 7zip, which might be this payload. (I don't have any interest in finding out.) Part of me wants to ask, does anyone actually fall for these? But of course, that's a stupid question.

    --
    Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
  9. Wait, this relies on opening an attachment? by JohnFen · · Score: 5, Insightful

    Who, in this day and age, opens unsolicited attachments??

    Even my most tech-averse friends don't do that. The thing I have to remind them about nowadays is that they also shouldn't open attachments from people they know unless they've confirmed those people intended to send them.

  10. Only Barracuda customers by mwvdlee · · Score: 1

    As long as it's only for Barracuda customers, then it's a good thing!
    Would be nice to get rid of those blackmailing, lying bastards.

    --
    Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
  11. Not a nation-state? by kaoshin · · Score: 1

    From TFA, "It's likely not a nation-state perpetrating the hack, since the hackers' motives are financial. Instead it's a small, sophisticated group of criminals."

    Really? Lazarus, believed to be linked to North Korea, is said to be responsible for numerous hacks against banks for the last couple of years including that 81 million dollar theft from Bangladesh central bank. Sure, it was Kaspersky who established that link, so consider the source. Even if they aren't nation-state supported though, there is every reason in the world to believe that NK has financial motives right now, especially on the heels of very tough economic sanctions. It seems a bit ridiculous for anyone to so quickly rule out a nation-state supported hack.

    1. Re:Not a nation-state? by kaoshin · · Score: 1

      Hacking banks could allow them to move money to circumvent those sanctions. That is when banks aren't outright collaborating with them to do so. Lets say you are right though, and they don't have any willing trade partners who would trade with them despite sanctions. Why then, do we keep hearing about them making continued efforts to dodge sanctions to avoid trade restrictions? It isn't like there isn't a precedent for countries ignoring sanctions against them.

  12. Customer attacking ransomware virus script .. by khz6955 · · Score: 1

    Any idea as to the Operating System that is required in order for this customer attacking ransomware virus script to execute.