Stories

Ransomware hack targeting 2 million an hour

This photo shows fingers on a laptop keyboard in North Andover, Mass. Elise Amendola / AP

A ransomware attack sweeping the globe right now is launching about 8,000 different versions of the virus script at Barracuda's customers, Eugene Weiss, lead platform architect at Barracuda, told Axios, and it's hitting at a steady rate of about 2 million attacks per hour.

Weiss' gut reaction on this hack: "What's remarkable about this one is just the sheer volume of it."

Here's what you need to know on the latest:

  • Automated hacking: "Nobody actually sat there and made 8,000 digital modifications," Weiss said. The way they do it is by using a kit that essentially automates code variations.
  • What to watch out for: An incoming email spoofing the destination host, with a subject about "Herbalife" or a "copier" file delivery. Two of the latest variants Barracuda has detected include a paragraph about legalese to make it seem official, or a line about how a "payment is attached," which tricks you to click since, as Weiss puts it, "everyone wants a payment."
  • The hackers are using social engineering to get people to click. That's increasingly becoming a trend, per Weiss. It's "less pure technical hacks" and instead using psychological tactics "get someone to click on something they shouldn't be."
  • If you remember one thing: "Don't click the link that is absolutely the most essential thing."
  • The targets: Email addresses at businesses or institutional groups in the U.S. or Canada.
  • It's likely not a nation-state perpetrating the hack, since the hackers' motives are financial. Instead it's a small, sophisticated group of criminals. The attacks are originating in Vietnam for the most part, as well as India, Colombia, Turkey, Greece, and a few other countries.
  • The future of global hacks: "At some point in the future you may see multilingual internationalized" hacks, Weiss said. In other words, they could be language-targeted. While the messages from these particular hackers are all in English so far, the virus programs are assessing the target computers' language settings.

Go deeper: The growing threat of ransomware attacks

More stories loading.