In a somewhat novel approach to ensuring that their victim knows they have been hacked and their systems locked up, the Egregor threat actors sent messages to some Cencosud stores.
Some video was shared on Twitter by @Irlenys:
El #ransomware que le pegó a Cencosud es #Egregor. La ransom note empezó a salir en las impresoras de varios locales de Argentina y Chile pic.twitter.com/k1Ps4IDUyq
— Irlenys (@Irlenys) November 15, 2020
Translation: The #ransomware that hit Cencosud is #Egregor . The ransom note began to appear in the printers of several stores in Argentina and Chile
Screenshot taken from video posted to Twitter by @Irlenys
The ability to send ransom notes to printers is a feature of Egregor ransomware, as reported by BleepingComputer, who first reported on the Cencosud breach:
Clarín also reported that printers in numerous retail outlets in Chile and Argentina, such as Easy home goods stores ..
Support the originator by clicking the read the rest link below.