Hackers Compromising and Blackmailing Indian Pharma Companies and Banks
Computer hackers compromised IT admins' systems and gained control over a pharmaceutical firm and three banks. The hackers are believed to have used the Lechiffre ransomware for these attacks. They first locked all files on the PCs, then demanded one Bitcoin (equivalent to INR 30,000) to unlock a single PC, with the total take running to multiple millions of US dollars. This is an unprecedented event in which Indian victims were attacked with demands for ransom payments in the Bitcoin cryptocurrency, which is gaining widespread acceptance globally.
The attack began with an e-mail, posing as a communication from experienced management, sent to the IT admin, whose PC was compromised when he opened it. From there, the malware spread to the rest of the PCs. According to specialists, the ransomware was difficult to detect. TOI posted this on January 11, 2016.
Amit Jaju, Executive Director for Data Analytics at EY, said that Lechiffre encrypted data files on servers and PCs using 256-bit public-key cryptography, so that only the hacker knew the decryption key. The hacker would leave a ransom note with contact details in a text file on every PC.
According to specialists, the decryption code possibly contained malware that let the hackers gain access to systems. In May 2014, two Indian corporate houses were each forced to pay approximately $5m after hackers infiltrated their PCs. Thought to be based in the Middle East, the hackers threatened to expose details to the Government of India unless the companies paid the ransom. Naturally, both complied.
Over the past couple of weeks, several pharmaceutical companies and banks in India have become targets of hackers. In some cases, the companies also paid the extortion money to unlock some 15 PCs belonging only to the senior-most executives. Specialists say Indian organizations will face more frequent and ferocious cyber-assaults as economic advancement draws the interest of such predators. The companies cited above that were hacked and threatened did not, however, report to the police. It is common for Indian organizations to remain secretive about such assaults. Even the media was not told the names of the pharma companies and banks or the number of PCs that were hijacked.
» SPAMfighter News - 18-01-2016