In early October 2020, The Clop ransomware operators attacked the German IT company Software AG and demanded a ransom about $23,000,000 (2,083,0069 BTC).ZDNet journalists report that the attack took place on October 3, 2020. That time the attackers encrypted the company’s files and switched to blackmail.
Last weekend, following the collapse of negotiations, The Clop’s operators posted screenshots of the data stolen from the company on their darknet site. Let me remind you that a similar strategy appeared in various ransomware campaigns this year.
The screenshots posted by the cybercriminals show scans of passports and other employee IDs, their emails, financial documents and various directories from the company’s internal network.
Software AG representatives admit that the company suffered “from a malware attack.” At first, the company said that the operation of all services, including cloud services, remained unchanged, and customer data was not affected.
However, this statement was revised in a later press release: two days later, Software AG admitted that the hackers still managed to steal the data.
A copy of the ransomware binary used against Software AG discovered cybersecurity researcher MalwareHunterTeam last week. Reporters and a researcher emphasize that the $23 million ransom demanded by hackers is one of the largest in history.
The special ID provided by the cybercriminals in the ransomware message allowed researchers to view an online chat on the hackers’ site, in which The Clop’s operators planned to negotiate with representatives of Software AG.
Software AG is engaged in software development and has existed since 1969. The company has more than 5,000 employees and Software AG has offices in 70 countries.
Software AG’s client list includes government, banking, transportation, insurance, retail and many others. Among them: Airbus, Lufthansa, DHL, Telefonica, Credit Suisse and Continental.
Let me also remind you that the crimes of ransomware operators have already gone beyond the purely financial framework. Recently happened the first death due to ransomware attack: German hospital patient dies.
User Review( votes)