Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Lechiffre Ransomware Incident in India Results in Multi-Million Dollars Damage


In January beginning, a hacking incident compromised the PC-networks of a pharmaceutical firm and 3 banks situated inside India. For this, understandably, the attacker(s) infected all the devices with a ransomware called LeChiffre which locked all files on them through encryption.

Malwarebytes the anti-malware firm explains that LeChiffre, unlike most ransomware families, requires being manually operated to spread across multiple PCs. It isn't a usual ransomware that spreads via drive-by downloads, e-mail attachments, among others. LeChiffre works solely after getting planted on the target computer and executed manually. In the latest case of LeChiffre, the hacker first invaded the financial institutions' networks followed with escalating his admission into remaining computers through Remote Desktop ports that weren't password-protected.

The hacker, after acquiring admission into a PC, downloaded LeChiffre waiting for command his server would issue, followed with making two quick clicks of the mouse for beginning the encryption procedure. LeChiffre, besides encrypting files, loads a backdoor as well onto the system. Softpedia posted this, January 24, 2016.

The cyber-security vendor Malwarebytes on closer examination of LeChiffre found that the malware's encryption procedure involved locking every file's beginning and end 8192 bytes followed with attaching the encryption code like one 32-byte blob onto that file. The AES form of encryption is LeChiffre's modus-operandi.

Victims contracting LeChiffre's infection are required to e-mail the ransomware's owner at an id provided inside the ransom missive. Typically, the amount to be paid as ransom is one bitcoin (about EUR370/$400) for every PC. Meanwhile according to a report from India Times, the total destruction from the numerous computers that the hacker compromised amounted to multi-million dollars.

Earlier twin hackers from the Middle East broke into the computers of two Indian businesses, pilfering their confidential data, followed with effectively holding them to an USD5$ each of ransom. If failed to pay, the businesses' private files would have got disclosed to government officials thus making them accountable for the illegal activities they engaged in.

The businesses complied with the extortion to restore some fifteen PCs in order that the chief executives if not other staff became capable of utilizing their respective PCs.

ยป SPAMfighter News - 1/29/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next