Cogencis, Thursday, Aug 17
[C] Ransomware Mamba resurfaces, attacks 3 companies in India
MUMBAI - Three months after the Wannacry attack, Mamba, another
ransomware that encrypts all the data on hard drives on victim computers,
has resurfaced in India and attacked at least three Indian companies after
spreading across Brazil and Saudi Arabia.
Like previous ransomware attacks, Mamba, which first appeared in September 2016, demands a ransom in bitcoin. But unlike previous attacks, the amount demanded varies depending on the victim and scale of attack.
The powerful ransomware has attacked clients of the Gurugram-based cyber security firm
Indian companies in the banking and financial services sector, logistics sector, and small and medium enterprise segment have thwarted Mamba attacks this month, Ankush Johar, director of, told Cogencis.
The last ransomware with similar modus operandi of disk-level encryption, called Petya, appeared in March this year. However, Mamba, which uses an open-source tool called DiskCryptor is even more dangerous than Petya, or its later strain, Petwrap, as it encrypts entire hard drives.
The ransomware spreads through malicious attachments that arrive through e-mail and the only preventive measure to save data from such attacks is to ensure back-up and take it offline.
Mamba also uses an "exploit kit", which can make innocuous-seeming and trusted websites deliver the ransomware to any computer without the website-owner's knowledge, Johar said.
Ransomware attacks are on the rise and Indian companies, especially those in the small and medium enterprises sector, remain especially vulnerable as they use pirated software.End

Reported by Suraj Sharma
Filed by Avishek Dutta

Copyright Cogencis Information Services Ltd. 2013. All rights reserved.