2 min read

Campari staggers to its feet following $15 million Ragnar Locker ransomware attack

Graham CLULEY

November 09, 2020

Campari staggers to its feet following $15 million Ragnar Locker ransomware attack
  • Campari has managed to restore some of its IT systems following attack
  • Headaches continue for drinks manufacturer after ransom demand over stolen data

Campari, the company famous around the world for its dark red alcoholic liqueur, says that it has managed to bring some of its IT systems back to working order after hackers attacked its network with ransomware.

However, a number of its IT systems remain suspended – either temporarily or deliberately – or are only capable of limited functionality while the IT teams attempts to restore operations in a secure way.

Campari was targeted by hackers using the Ragnar Locker ransomware. According to some reports, the malware attack managed to encrypt data on 24 of the company’s servers around the world, and the hackers responsible have demanded a cryptocurrency ransom worth $15 million.

In its ransom note, the group claimed it had stolen 2TB worth of files from Campari’s servers, including sensitive information including bank statements, social security numbers, tax forms, contracts, and even passport details.

The hackers claim that if they do not receive the ransom they will either release the sensitive data to the public, or sell it on to other criminals. To raise the heat somewhat, the attackers shared links to images where screenshots of stolen data could be seen.

Campari Group confirmed last week that data on its network had been encrypted in the attack, and that it was unable to exclude the possibility that some personal and business data had been exfiltrated by the hackers.

The company has made no statement about whether it would be prepared to pay the ransom or not, but for now it certainly sounds as if it has chosen to attempt to rebuild its services on multiple sites, adding additional security measures in a bid to prevent reinfection.

Rebuilding and recovering infected IT systems is one thing, but it doesn’t change the fact that data has been stolen from the infected company – and the damage which could potentially be done if that data was to fall into the laps of criminals prepared to exploit it.

Interestingly, researchers have linked the ransomware attack against Campari with that recently undertaken against video game developer Capcom.

On Twitter, MalwareHunter Team claimed that the Ragnar Locker ransomware samples used in both attacks were signed with the same digital certificate.

Capcom and Campari. One wonders who might be next on Ragnar Locker’s list…

tags


Author



Right now

Top posts

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

The Perils of Online Dating: Spotting Romance Scammers Before They Break Your Heart and Your Bank Account The Perils of Online Dating: Spotting Romance Scammers Before They Break Your Heart and Your Bank Account
Alina BÎZGĂ

August 05, 2021

3 min read
Google Fixes Five High-Severity Flaws in Chrome 92 for Windows, Mac and Linux Google Fixes Five High-Severity Flaws in Chrome 92 for Windows, Mac and Linux
Filip TRUȚĂ

August 05, 2021

1 min read
Google Drops All Support for Android 2.3.7 and Older Google Drops All Support for Android 2.3.7 and Older
Silviu STAHIE

August 04, 2021

1 min read