https://arstechnica.com/information-technology/2019/11/spanish-companies-networks-shut-down-as-result-of-ransomware/
By Sean Gallagher
Ars Technica
11/4/2019
A targeted ransomware attack has taken down the networks of at least two
companies in Spain today, sending ripples across other companies as they moved
to defend themselves. The targets included Everis—a major IT services and
consulting subsidiary of Japan-based global communications company NTT—and the
radio company Sociedad Española de Radiodifusión (Cadena SER). A technician at
one company told Spanish broadcaster ABC, "We are in hysteria mode."
Some other companies—including Spanish airport operator Aena—took down some of
their services as a precautionary measure. They did so in part because Everis
has staff on site at many Spanish corporations. But the attack may have
affected other companies as well, though no others have publicly acknowledged
the ransomware.
The ransomware appears to be a variant of the BitPaymer family that is
connected to the Dridex group of malware, according to security researcher
Vitali Kremez and others who have analyzed the attack.
A screenshot of the note delivered by the ransomware, posted by Spanish
cryptocurrency news site Bitcoin.es, shows the hallmarks of a BitPaymer
campaign.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
