Tuesday, 19 November 2019

2 Ransomware Attacks Reported in Spain

In two separate incidents on Monday, ransomware crippled the systems of a radio network and a major consulting firm in Spain, news portal Bitcoin.es reports.

Radio network ACadena SER and consultancy Everis, which offers outsourcing, were attacked during the early hours on Monday, acccording to Bitcoin.es. In both cases, employees were unable to access their files.

In a notice to its employees, Everis acknowledges it suffered a ransomware attack. It directed its employees to turn off their computers and took down its internal networks to contain the infection.

Cadena SER gave out similar instructions and said its security team is working to recover its files.

"The SER chain has suffered this morning an attack of a computer virus of the ransomware type, file encrypter, which has had a serious and widespread affectation of all its computer systems," Cadena SER said in an update on Monday. "Following the protocol established in cyberattacks, SER has seen the need to disconnect all its operating computer systems."

It's not yet clear if the same actor is behind both attacks.

Bitcoin.es reports that sources say the attacker demanded $836,000 ransom from Everis for decrypting the files.

Spain's Department of Homeland Security and Instituto Nacional de Ciberseguridad, which focuses on the country's cybersecurity, have issued ransomware warnings.

BitPaymer Involved?

Following the attack, a ransom note sent to Everis was widely shared on Twitter. BleepingComputer reports that the ransom strain involved apparently was BitPaymer.

According to security researchers at Symantec, who did the first in-depth study of the BitPaymer in July, the Trojan encrypts files on a victim's computer before demanding a ransom.

In October, Billtrust, a cloud-based, business-to-business payment provider was hit by ransomware suspected as being BitPaymer (see: Report: Billtrust Recovering From Ransomware Attack ).

In another instance during the same month, the German-based automation tool manufacturer Pilz suffered a ransomware attack that ZDNet reported also involved BitPaymer.


source: databreachtoday.com

Legal disclaimer: The insight, recommendations and analysis presented here are based on corporate filings, current events, interviews, corporate press releases, and what we've learned as financial journalists. They are presented for the purposes of general information only, and all the information belongs to the original publishers. These may contain errors and we make no promises as to the accuracy or usefulness of the information we present. You should not make any investment decision based solely on what you read here.

Creamcoin Marketcap