Portuguese Energy Company Hit with Ragnar Locker Ransomware; Attackers Demand $10 Million to Decrypt the Data
Ransomware operatives this week attacked Portuguese energy giant Energias de Portugal (EDP) and are threatening to leak the company”s data online if EDP refuses to pay ransom.
Cybercriminals using the Ragnar Locker ransomware claim to have stolen 10 terabytes of sensitive company files before encrypting them on EDP”s end. They are now threatening to leak all the stolen data unless a 1580 BTC ($10.9 million) ransom is paid.
Like other ransomware gangs, the team behind the EDP attack uses a “leak” site to announce their attacks and subsequent leak plans if their demands aren”t met. As evidence that they are holding EDP”s information digitally-hostage, the hackers show a portion of a database export with EDP employees’ login names, passwords, accounts, URLs, and notes. The leak also includes confidential information on billing, contracts, transactions, clients, and partners.
“And be assure that if you wouldn’t pay, all files and documents would be publicated for everyones view and also we would notify all your clients and partners about this leakage with direct links,” reads the ransom note. “So if you want to avoid such harm for your reputation, better pay the amount that we asking for.”
The ransomware features an embedded RSA-2048 key and drops custom ransom notes, according to BleepingComputer.
Starting this year, ransomware operators are using their attacks in full fledged data breaches, threatening to publish the stolen data if ransom is not paid. The trend was started by the infamous Maze Team at the end of 2019. Seeing how the method yields more payments, rival ransomware groups have adopted the technique hoping to increase their chances of getting paid.
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021
June 22, 2022
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data
May 24, 2022
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight
April 15, 2022
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users
April 14, 2022