Virus of Russian origin attacks important Spanish companies


At least two companies in Spain have suffered a cyberattack that has blocked their computer systems since Monday morning. The Cadena SER and Everis, a technology consultant, are the two known victims of the attack. Throughout Monday, other companies went out to deny having suffered a cyber attack. The Incibe, the body responsible for cybersecurity of Spanish private companies , has not yet given details about the number of people affected or the characteristics: "It is confidential information," he told this newspaper.





As EL PAÍS has been able to confirm from sources of the SER, the virus involved in the attack is Ryuk, the same one that attacked the Jerez City Council on September 27. Ryuk is a ransomware, a program that encrypts victims' files and asks for an economic rescue to allow their recovery. Ryuk appeared in August 2018 and is run by a Russian group called Grim Spider, according to Crowdstrike. Until January 2019, it had achieved 3.5 million euros in 52 transactions. "They are professionals in the sector, with years dedicated to bank fraud," says an expert in cybersecurity.





Cajamar and ING have denied this newspaper that they have been victims of any cyberattack, despite having admitted problems in their lines of communication, reports Íñigo de Barrón . The insurance company Mapfre has also denied it and insisted that they have their teams ready in case a new wave arrives. KPMG and Accenture have also come out publicly to deny different information that implied them.





Incibe has been the only entity that has officially admitted the attack: "We work on mitigating and recovering the incident in coordination with the companies affected," he said in a public statement.





The SER chain detected the attack at 2 in the morning. "Since then we have focused on preserving the broadcast, what we have achieved," sources at the station's address say. The company alerted the corresponding public bodies, which confirmed that the attack did not respond to political connotations. "It is part of cybercrime to use and is an attack on European companies," say the same sources. The chain asked its workers not to use any of the company's computer equipment or the Wi-Fi network to connect to the Internet.





In the SER they have not received the extension message ".txt" in which the rescue is requested, as is usual in Ryuk's attacks. There is therefore no economic amount linked to the attack. Yes there was a file with the name of the virus and an email account. It is common for Grim Spider to calculate the reward he wants to receive based on the size and value of the victim company.





Although only the name of two companies victims of the attack is known, it is very likely that there are more affected that prefer not to be identified, hence the caution of Incibe. "It is a rather massive attack," the sources of the BE have indicated to this newspaper. It is possible that new cases may appear in the next few days or that Incibe may end up giving a more complete number of those affected.





A FRENCH TV, ALSO A VICTIM





On October 14, the French television network M6, the largest private group in the country, was also the victim of a ransomware attack during a weekend. Like the SER, the station managed to stay live on its ten television and radio channels. The weather channel, the American channel dedicated to time, did not have the same fate, which disappeared from the antenna for an hour and a half last April due to a ransomware attack.


COMMENTS

Name

AC Milan,4,Arsenal,8,Atalanta,5,Atletico Madrid,6,Barcelona,15,Bayern München,5,Bundesliga,9,Business,1,Chelsea,12,Coronavirus,2,Cristiano Ronaldo,13,Dortmund,1,Ethical Hacking,46,Exploitation,35,FA Cup,2,Featured,196,Football,209,Footprinting,29,Google Adsense,2,Inter Milan,5,Juventus,15,Kali Linux,39,Kali NetHunter,3,LaLiga,39,Lazio,4,Leicester City,6,Ligue 1,26,Liverpool,11,Lyon,5,Make Money,3,Manchester City,14,Manchester United,13,Messi,2,Metasploit,1,Napoli,4,Offensive Security,17,Penetration Testing,15,Politics,2,Post Exploitation,19,Premier League,58,PSG,6,Real Madrid,13,Roma,3,Search Engine Optimization,4,Serie A,32,Sevilla,1,Sports,180,Technology,36,Tips,16,Tottenham Hotspur,9,Trending,424,UEFA Champions League,10,UEFA Europa League,11,United States,1,Windows,7,World News,7,
ltr
item
My Hack Stuff: Virus of Russian origin attacks important Spanish companies
Virus of Russian origin attacks important Spanish companies
My Hack Stuff
https://www.myhackstuff.com/2019/11/virus-of-russian-origin-attacks.html
https://www.myhackstuff.com/
https://www.myhackstuff.com/
https://www.myhackstuff.com/2019/11/virus-of-russian-origin-attacks.html
true
1336489415246004999
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share to a social network STEP 2: Click the link on your social network Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy Table of Content