Sodinokibi Ransomware Operators hit electrical energy company Light S.A.


Sodinokibi ransomware (aka REvil) operators are demanding a $14 million ransom from Brazil-based electrical energy company Light S.A.


Sodinokibi ransomware (aka REvil) operators have breached the Brazil-based electrical energy company Light S.A. and are demanding a $14 million ransom.


The company issued comments to a local newspaper confirming the attack,


Light S.A. admitted the intrusion to a local newspaper, but it did not provide technical details of the security breach or disclose the type of ransomware that infected its systems.


“The company claims to have been the victim of a virus attack, but what motivated this attack has been kept confidential: hackers have invaded the system and sent a virus that encrypts all Windows system files.” reads the post published by the newspaper.


Researchers at AppGate have analyzed a sample of the malware allegedly employed in the attack and linked it to the Sodinokibi ransomware.


“Our malware analysis team had access to the binary that was likely used in the attack and we were able to confirm that the sample is from a family known as Sodinokibi (aka REvil).” reads the analysis published by AppGate. “Although we can’t confirm that this was the exact same file used in the attack, the evidence points to being connected to the Light SA breach, such as the ransom price, for example.”


The binary was uploaded to a public sandbox, a circumstance that suggests the personnel at the company have subm ..
