2 min read

Campari staggers to its feet following $15 million Ragnar Locker ransomware attack

Graham CLULEY

November 09, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Campari staggers to its feet following $15 million Ragnar Locker ransomware attack
  • Campari has managed to restore some of its IT systems following attack
  • Headaches continue for drinks manufacturer after ransom demand over stolen data

Campari, the company famous around the world for its dark red alcoholic liqueur, says that it has managed to bring some of its IT systems back to working order after hackers attacked its network with ransomware.

However, a number of its IT systems remain suspended – either temporarily or deliberately – or are only capable of limited functionality while the IT teams attempts to restore operations in a secure way.

Campari was targeted by hackers using the Ragnar Locker ransomware. According to some reports, the malware attack managed to encrypt data on 24 of the company’s servers around the world, and the hackers responsible have demanded a cryptocurrency ransom worth $15 million.

In its ransom note, the group claimed it had stolen 2TB worth of files from Campari’s servers, including sensitive information including bank statements, social security numbers, tax forms, contracts, and even passport details.

The hackers claim that if they do not receive the ransom they will either release the sensitive data to the public, or sell it on to other criminals. To raise the heat somewhat, the attackers shared links to images where screenshots of stolen data could be seen.

Campari Group confirmed last week that data on its network had been encrypted in the attack, and that it was unable to exclude the possibility that some personal and business data had been exfiltrated by the hackers.

The company has made no statement about whether it would be prepared to pay the ransom or not, but for now it certainly sounds as if it has chosen to attempt to rebuild its services on multiple sites, adding additional security measures in a bid to prevent reinfection.

Rebuilding and recovering infected IT systems is one thing, but it doesn’t change the fact that data has been stolen from the infected company – and the damage which could potentially be done if that data was to fall into the laps of criminals prepared to exploit it.

Interestingly, researchers have linked the ransomware attack against Campari with that recently undertaken against video game developer Capcom.

On Twitter, MalwareHunter Team claimed that the Ragnar Locker ransomware samples used in both attacks were signed with the same digital certificate.

Capcom and Campari. One wonders who might be next on Ragnar Locker’s list…

tags


Author



Right now

Top posts

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read
Why and how to hide your IP address while traveling

Why and how to hide your IP address while traveling

April 13, 2022

2 min read
How Bitdefender Can Help Restore Your Privacy in the Digital Age

How Bitdefender Can Help Restore Your Privacy in the Digital Age

April 04, 2022

3 min read
How Strong is VPN Encryption?

How Strong is VPN Encryption?

February 28, 2022

3 min read
Top Three Ways Internet Users Unknowingly Help Cybercriminals

Top Three Ways Internet Users Unknowingly Help Cybercriminals

February 25, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

1.8 Million Texans Caught in TDI Data Breach 1.8 Million Texans Caught in TDI Data Breach
Silviu STAHIE

May 20, 2022

1 min read
Your Identity is Being Traded on The Internet Every 2.5 Minutes Your Identity is Being Traded on The Internet Every 2.5 Minutes
Radu CRAHMALIUC

May 20, 2022

3 min read
Malware and PUA Campaigns Abuse Existing Apps, Here’s a Top 10 to Watch Out For Malware and PUA Campaigns Abuse Existing Apps, Here’s a Top 10 to Watch Out For
Silviu STAHIE

May 19, 2022

3 min read