Ransomware Hack Targeting 2 Million an Hour (axios.com) 38
New submitter Zorro writes: A ransomware attack sweeping the globe right now is launching about 8,000 different versions of the virus script at Barracuda's customers, Eugene Weiss, lead platform architect at Barracuda, told Axios, and it's hitting at a steady rate of about 2 million attacks per hour. What to watch out for: An incoming email spoofing the destination host, with a subject about "Herbalife" or a "copier" file delivery. Two of the latest variants Barracuda has detected include a paragraph about legalese to make it seem official, or a line about how a "payment is attached," which tricks you to click since, as Weiss puts it, "everyone wants a payment."
Re: (Score:1)
Re: (Score:2)
Bullshit story (Score:5, Insightful)
Re: (Score:1)
But there's totally no political motivation behind "don't trust Kaspersky cuz omg Russia"?
Re: (Score:2)
Anonymous Coward [slashdot.org]: "This article is bullshit and is written by a person with zero technical skills. Ransomware is not targeting 2 million users per hour. A spam botnet is sending 2 million emails per hour (which I don't believe either, average is 20K-100K per spam botnet). The emails carry file attachments that deploy ransomware. About 10% of spam emails are opened, and about 1% actually yield infecti
Re: That's gonna keep creimer busy! (Score:1)
A dev making 50K on the west coast.
Re: (Score:2)
Pretty much the only useful info. Anything beyond that is scaremongering and / or snake oil.
Herbalife?! (Score:1)
The hackers are using social engineering to get people to click. That's increasingly becoming a trend, per Weiss. It's "less pure technical hacks" and instead using psychological tactics "get someone to click on something they shouldn't be."
And Herbalife in the subject line. Targeting folks who think multi-level marketing is a good thing. And doing a search on multi-level marketing companies means this hack is going to be around a long time.
I guess the Nigerian price thing has run its course?
It's hitting everyone... (Score:2)
... just Barracuda wrote a blog about it.
Pretty common (Score:3)
This type of vector (payment included or here's your fax or you have a voicemail) are pretty common. I've noticed a significant increase lately, zipped with 7zip, which might be this payload. (I don't have any interest in finding out.) Part of me wants to ask, does anyone actually fall for these? But of course, that's a stupid question.
Wait, this relies on opening an attachment? (Score:5, Insightful)
Who, in this day and age, opens unsolicited attachments??
Even my most tech-averse friends don't do that. The thing I have to remind them about nowadays is that they also shouldn't open attachments from people they know unless they've confirmed those people intended to send them.
Only Barracuda customers (Score:2)
As long as it's only for Barracuda customers, then it's a good thing!
Would be nice to get rid of those blackmailing, lying bastards.
Not a nation-state? (Score:2)
From TFA, "It's likely not a nation-state perpetrating the hack, since the hackers' motives are financial. Instead it's a small, sophisticated group of criminals."
Really? Lazarus, believed to be linked to North Korea, is said to be responsible for numerous hacks against banks for the last couple of years including that 81 million dollar theft from Bangladesh central bank. Sure, it was Kaspersky who established that link, so consider the source. Even if they aren't nation-state supported though, there is
Re: (Score:2)
Customer attacking ransomware virus script .. (Score:2)