Security Market Segment LS
Thursday, 16 July 2020 09:17

Cyber crims use Windows Nefilim ransomware to hit Indian firm Indoco

Cyber crims use Windows Nefilim ransomware to hit Indian firm Indoco Courtesy Indoco

Cyber criminals appear to have hit the website of Indian pharmaceutical product manufacturer Indoco Remedies using the Windows Nefilim ransomware, and have released preliminary details about the raid.

Describing the post (screenshot below) put up this morning as a teaser for the leak on Indoco, the gang said the company was mainly involved in the manufacture and marketing of formulations and active pharmaceutical ingredients.

On its website, Indoco describes itself as a "fully integrated, research-oriented pharma company engaged in the manufacturing and marketing of formulations (Finished Dosage Forms) and active pharmaceutical ingredients (APIs)".

"We have seven decades of presence in the Indian Pharma market and a strong foothold in the international market across 55 countries. Indoco, a US$145 million company, employs about 6000 personnel, including over 300 skilled scientists," it adds. Indoco has a a state-of-the-art R&D centre at Rabale in Navi Mumbai and a clinical research organisation in Hyderabad.

The company has business in India and abroad. It offers products for various therapeutic categories, such as stomatologicals, respiratory, anti-infectives, gastrointestinal, pain/analgesics, gynaecological, vitamins/minerals/nutrients, ophthal/otologicals and dermatology.

indoco ransomware

Screenshot of the Nefilim announcement. Supplied

Its domestic marketing divisions include INDOCO, SPADE, Warren NxGen, Warren Ace, Spera, Indoco Focus, Indoco CND, Warren Excel, Warren Vision, Eterna, Institution and Indoco IMPULSE. The company’s products include Sensodent-K, Homide, Carmicide, Renolen, Rexidin M, Febrex Plus, Zincoren, Otorex, Cloben G, Methycal, Tuspel, Scabex, Hemsyl, Karvol Plus, Durashape, Lignox, Sensoform Toothpaste, Kidodent Toothpaste, Rosuchek D, Otichek and Irimist.

The Nefilim ransomware was in the news when a gang used it to attack Australian logistics and transport provider Toll Holdings in May.

The same ransomware was used to attack appliance maker Fisher & Paykel last month.

Nefilim, is one of the growing number of ransomware packages that encrypts data on-site while PowwerShell scripts are used to exfiltrate victims' files. This, in effect, means that any victim is hit by both a data breach and also loses access to his/her files.

iTWire has contacted Indoco for comment.

Subscribe to ITWIRE UPDATE Newsletter here


The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News