Ransomware Hits Three Indian Banks, Causes Millions In Damages (malwarebytes.org) 76
An anonymous reader writes: Ransomware has locked computers in three major Indian banks and one pharmaceutical company. While the ransom note asks for 1 Bitcoin, so many computers have been infected that damages racked up millions of dollars. According to an antivirus company that analyzed the ransomware, it's not even that complex, and seems the work of some amateur Russians.
HAW HAW (Score:4, Funny)
Re: HAW HAW (Score:1)
Considering there are billion dollar high rises right next to slums I could care less.
Re: HAW HAW (Score:2, Funny)
Yeah they don't segregate as well as New York and Chicago do.
Re: (Score:1)
Considering there are billion dollar high rises right next to slums I could care less.
So you care a LOT then? It is 'couldn't care less', dipshit.
Re: (Score:1)
Considering there are billion dollar high rises right next to slums I could care less.
So you care a LOT then? It is 'couldn't care less', dipshit.
If you are unfamiliar with the concept of the widely accepted idiom [grammarist.com], it is likely that you are in fact the dipshit here.
Re: (Score:1)
Considering there are billion dollar high rises right next to slums I could care less.
Maybe there are billion Rupee high rises. I'm pretty sure building costs and property values have not reached billion (US) dollar level yet.
And be my guest, go ahead and care less. I'll get the popcorn.
Re: HAW HAW (Score:4, Informative)
They have surpassed billion (US) dollar levels. Mumbai is the worlds 9th most costliest city in terms of real-estate prices (http://www.telegraph.co.uk/finance/property/pictures/8892109/In-pictures-The-worlds-20-most-expensive-cities-to-buy-property.html?image=11).
Re: HAW HAW (Score:1)
At least they'll be able to understand them.
Re: (Score:3)
Oh sweet child how little do you know. My neurologist(here in Canada) these days primarily handles patients from India, and has a secretary that natively speaks Hindi. Even her secretary can't understand them.
Re: HAW HAW (Score:2)
That's not necessarily because she can't understand the others' Hindi. Not everybody in India even speaks Hindi, there being more than 22 constitutionally recognized languages and more than 122 major languages
Re: (Score:3)
Of course she can't, India has MANY "official" languages. It's why English is sometimes the only common language Indians of different regions speak.
India could save itself a LOT of trouble by just making English the "One and Only" official language, but they won't do it because of hard feelings about the Colonial period.
Re: (Score:2)
I've heard it's a status symbol in parts of India to talk fast. There's less pressure on clarity. I found out because I suggested to an H1B co-worker that he try to talk slower. He said he didn't want to because a slower habit would make it harder to find a wife when he got back home to India.
Re:HAW HAW (Score:4, Funny)
Have they tried rebooting their mission critical servers?
Re: (Score:2)
Did they shard the replicator to do the needful? Otherwise it won't work, even if it's webscale.
This is Sanjay from Microsoft (Score:2)
It was probably them who installed it.
Re: (Score:2)
Unless they get a call center in Kentucky. Now that would be irony! :)
Re: (Score:1)
Is there any wonder why the likes of Donald Trump has support in the US. Look at these people.
Re: (Score:2)
Not too shocking (Score:5, Informative)
Most of these ransomware packages can traverse laterally within an org; they run in the rights context of the user on the first infected computer and use that to infect other systems, spreading within the local network. So if you don't have your permissions properly set up (having "Domain Users" in the local Administrators group on your desktops as a matter of standard, for example), it's a cakewalk for the malware to hit everyone.
Re: (Score:3)
Define "properly". Having domain users in the local administrators group can save a small fortune in IT related support costs in many scenarios. It just needs to be weighed against the potential risks.
I would imagine that the potential risks for randsomware hitting an organisation with proper IT support should be minimal... unless someone isn't doing their backups properly.
When everyone goes home at night, re-image all PCs, and restore backups. That shouldn't cost $1m.
Re: (Score:1)
That's exactly how we deal with it when a user is stupid enough to click where they shouldn't. backups really help. also gives IT a chance to have a clear out of some old junk and keep it only in archives.
In each case the user rights of the offender were the limits of the infection. We did change the rights of the users and imposed stricter program execution policies to prevent further hassle. Also some user training helped them spot what they were about click on.
these minor attacks really helps our systems
Re: (Score:2)
Define "properly". Having domain users in the local administrators group can save a small fortune in IT related support costs in many scenarios. It just needs to be weighed against the potential risks.
I would imagine that the potential risks for randsomware hitting an organisation with proper IT support should be minimal... unless someone isn't doing their backups properly.
When everyone goes home at night, re-image all PCs, and restore backups. That shouldn't cost $1m.
So...you're a fan of building a whole new PC image every time there's a patch? Not to mention the bandwidth needed to push images to all PCs at the same time, every single night, and be sure that there have been no issues? Let's also keep in mind the fact that desktop configurations in nearly all organizations differ, so you'll have driver concerns for some devices, and one-off applications (especially for the most critical users) on others.
At first blush, your "re-image all PCs" idea sounds great...but I
Re: (Score:2)
So...you're a fan of building a whole new PC image every time there's a patch?
What the hell kind of an operation are you running? No what we do is control the patching at our own schedule and once a quarter update the master image. Get your machine rebuilt just before the new master comes out? Tough get a coffee while it applies updates when you first turn it on.
Re: (Score:2)
I am not my companies it person we hire that out. That said I have three logins.
My everyday low rights user information. A higher rights user and full admin access to every server
This way when a print job gets stuck I can kill it with admin rights of if someone access is screwed up I can force a logout of them which general clears up the issue.
I only do limited actions and then log out of admin. This saves it daily headaches. While providing security.
You can do both. You the responsible people a sco
That word (Score:5, Insightful)
"Amateur Russians."
If they are actually making money from this, then they are firmly in the "professional" bracket.
Re:That word (Score:5, Funny)
They are professional malware distributors. Nobody pays them to be Russians :-)
Re:That word (Score:5, Insightful)
"Amateur Russians."
And that means the headline is wrong. It says "Ransomware Hits Three Indian Banks, Causes Millions In Damages" when it should say instead "Incompetence Hits Three Indian Banks, Causes Millions in Damages".
When some amateurs from a different country can wreak havoc in three different financial institutions the cause is not whatever the amateurs have done but gross incompetence.
Re: (Score:1)
Eh? I know a lot of amateurs working in IT. I don't think that word means what you think it means.
Re: (Score:2)
Do you even know what "Engrish" actually refers to? Derp.
if there's a way they can get paid.... (Score:3)
there is a way they can be hunted down and killed. take pictures of the corpses and post them, send the message.
Re: (Score:3)
Who the randsomware authors or the Indian bank employees who keep calling me?
Indian like Hindus (Score:1)
Or Native American?
What security? (Score:5, Informative)
According to the linked article from Malwarebytes [malwarebytes.org]:
It is different than most of the ransomware present nowadays. Instead of spreading to users and automatically infecting their machines, LeChiffre needs to be run manually on the compromised system. Common scenario of infection is that attackers are automatically scanning network in search of poorly secured Remote Desktops, cracking them, and after logging remotely they manually run an instance of LeChiffre.
Just how good is their security if something that has to be manually run on each system has completely pwned them?
Re: (Score:2)
Re: (Score:2)
Complete crap. Honestly I am surprised it hasn't happened earlier.
Re: (Score:1)
Someone emailed a file called DoTheNeedful.EXE to everyone in the bank, of course they all ran it.
Re: (Score:2)
That depends on just how desperately you want to see britney-spears-leaked-sex-tape.exe
Fake news (Score:5, Insightful)
Are these traveling hackers? (Score:1)
"ET couldn't confirm the names of the banks and the pharmaceutical company or the total number of computers that were compromised." So it is possible that the whole story is made up.
"In May last year, two Indian conglomerates had to pay about $5 million each after hackers breached their systems. The hackers, suspected to be operating from the Middle East, threatened to leak information to the Indian government
It is distributed as a typical Windows executable: (Score:1)