Watch out! A new ransomware attack has been detected and it’s spreading quickly around the world with a rate of 2 million attacks per hour. It’s likely higher.
According to an analysis from Barracuda Networks, the massive attack is launching around 8,000 different versions of the virus script. This makes it very difficult to put a stop to the attack.
The attacks seem to have originated in Vietnam, but some are coming from a multitude of other countries including India, Colombia, Turkey, and Greece. As the attacks spread, computers in more countries will be part of the hack.
“What’s remarkable about this one is just the sheer volume of it,” said Barracuda’s Eugene Weiss.
Right now, the attack is still spreading rapidly. If you look at the WannaCry ransomware attacks this year, its effects can be devastating. That’s why we wanted to alert you of this attack as soon as we became aware it.
What to look out for
Initial reports indicate that the conduit for this ransomware attack appears to be an email. Be on the look out for any email with a subject of “Herbalife” or a “copier” file.
There could also be variants of the email subjects as the attacks spread so be on alert. One wrong click of a link in the email and all your files are overtaken by ransomware.
However, since this attack is still evolving as we speak, please look out for phishing and suspicious emails in general.
You need to know this too: Scammers are starting to take advantage of the huge Equifax breach. Click here to know what to look out for so you’re not their next victim.
Here are more facts about this new attack:
- The attackers seem to be using a kit that automates the ransomware’s variations, resulting in 8,000 variants so far.
- Important: Victims who pay the ransom have not received the decryption tool so far.
Update: 9/21/2017 09:00 AM PST
- Barracuda Networks researchers have confirmed that this ongoing attack is using a Locky ransomware variant.
- The ransomware only has a single identifier which means anyone who pays the ransom can’t get their files unlocked. Ransomware should have unique identifiers so that attackers can send specific unlocking keys to each victim. In this case, with a single identifier, this is impossible.
- The attack is also checking the target computer’s language files. This suggests that international versions of this attack may be coming.
- Barracuda Networks said that its systems have already blocked 27 million emails so far and the attack is still continuing at the same pace.
Since this is still a developing attack, the full impact of this new ransomware campaign is not known yet. Details and its vector may evolve so please remain vigilant.
We’ll fill you in with the details as we find out more so keep close to us here at Komando.com. Share this page so your family and friends aren’t taken by the hackers.
Your backup is critical
Are you protected from this and the next massive ransomware attack? Cybercriminals are always developing more complicated variants that make it harder for anti-malware software to detect.
That’s why you need to backup all of your critical data. We recommend our sponsor IDrive.
If you get hit with ransomware, no problem. Just restore your backup. Take that hackers!