
FBI Warned Against a Canadian Indicted for Attacks Against US and Canada

 

The FBI and the Justice Department unveiled warrants today charging 31-year-old Canadian Matthew Philbert with a variety of ransomware-related offenses. On Tuesday, authorities from the Ontario Provincial Police made a public statement in Ottawa to disclose the charges and Philbert's arrest. 

U.S. Attorney Bryan Wilson of the District of Alaska said in a statement that Philbert “conspired with others known and unknown to the United States to damage computers, and in the course of that conspiracy did damage a computer belonging to the State of Alaska in April 2018.” 

Canadian officials received assistance from Dutch authorities and Europol in this case. Canadian authorities also charged Philbert and stated that he was apprehended on November 30. Authorities did not specify which ransomware gang Philbert was a member of or which operations he is responsible for.

"Cybercriminals are opportunistic and will target any business or individual they identify as vulnerable," stated Deputy Commissioner Chuck Cox of the Ontario Provincial Police. 

Philbert is charged with one count of conspiracy to commit fraud as well as another count of fraud and associated activities involving computers. 

Cox stated during the press conference that the FBI alerted officials in Ontario about Philbert's activities, which included ransomware attacks on businesses, government entities, and individual citizens. Police further stated that they seized multiple laptops, hard drives, blank cards with magnetic stripes, and a Bitcoin seed phrase while Philbert was being arrested.

In January, authorities in Florida apprehended another Canadian individual in connection with several Netwalker ransomware attacks. According to the DOJ, Sebastien Vachon-Desjardins made around $27.6 million through various ransomware attacks on Canadian companies such as the Northwest Territories Power Corporation, the College of Nurses of Ontario, and the Canadian tire business in British Columbia.

Some people believe that ransomware attacks originate in Russia or the Commonwealth of Independent States, according to Emsisoft risk analyst Brett Callow, a ransomware expert located in Canada.

Although the ransomware was "made" in certain countries, Callow pointed out that the people who use it to carry out attacks could be located elsewhere.

"In fact, there's so much money to be made from ransomware, it would be extremely surprising if individuals in countries like Canada, America, and the UK hadn't entered the market. Those individuals may, however, be sleeping a little less well at night than they used to. In the past, there was a near-zero chance of them being prosecuted for their crimes, but that's finally starting to change," Callow said.

Enel Group attacked by Netwalker, demanding a whopping $14 million

 

Energy company Enel Group has been hit by malware again, the second time this year. The Netwalker ransomware operators have demanded a ransom of 14 million dollars for the decryption key and for not revealing the stolen data.

Enel Group is an Italian multinational power company operating in 30 countries, working in electricity generation and distribution as well as in the distribution of natural gas. With a revenue of $90 billion, it ranks 87th in the Fortune Global 500.

Earlier this year, in June, Enel Group was attacked by Snake ransomware, also known as EKANS, but that attack was caught beforehand and was not successful. This time, Netwalker not only successfully encrypted the power company's systems but also leaked its data on its website.

Enel Group has still not confirmed the attack, but BleepingComputer confirms it, as data provided by Netwalker reveals information about Enel employees.

The attackers contacted Enel Group, writing, "Hello Enel. Don't be afraid to write us." The power company still maintained its silence and, as is the norm when the victim doesn't engage with the hackers, the ransom doubled; Enel Group's ransom now stands at a whopping 14 million dollars.

Netwalker claims to have stolen 5 terabytes of data, and today the ransomware group leaked Enel Group's data to its data leak site. This was bound to happen, since Enel Group neither engaged with the hackers nor in any way showed any signs of an attack. Now, Netwalker is pressuring the resource company into succumbing to the demands as it leaks the data and threatens to (in its words) "analyze every file for interesting things" to be further leaked on the dark web.

Enel Group had better have an ace up its sleeve or a very good cyber hacker to get its data back.