Did Jack Daniels Thwart a Ransomware Attack or Not?
Ransomware gang REvil, also known as Sodinokibi, claims to have mounted a successful attack against the U.S. wine and spirits giant Brown-Forman Corp, but the company claims otherwise.
The company is the official producer of Jack Daniels whiskey.
According to cybersecurity services provider AppGate, the well-known alcoholic drinks producer did fall victim to an attack but refused to pay the ransom demanded by REvil. In response, the hackers put data stolen in the attack up for sale for around $1.5 million on the “wall-of-shame” section of their official darknet blog.
However, Brown-Forman Corp told Infosecurity Magazine in a statement that it had successfully prevented cybercriminals from encrypting its files. This does not necessarily mean the gang’s claim to have compromised the internal network and stolen sensitive data is false.
Speaking with Cointelegraph, Felipe Duarte, a security researcher at AppGate and the author of the study, said there is no way to confirm if the data allegedly stolen by REvil really exists or “if it’s just a threat.”
The only evidence the gang has revealed is screenshots, published on their darknet site, of the allegedly stolen data.
Duarte confirmed that the REvil group also infiltrated three international targets in the oil and gas, insurance, and consulting industries, including quest-worldwide.com in Australia, eurecat.com in France, and National Western Life in the USA.
Duarte told Cointelegraph that REvil and other hacker groups have seen significant financial gain from their model of teasing out some of the stolen data and selling the “crown jewels” to the highest bidder.
He adds that if companies continue to pay these ransoms, these groups will be able to fund and expand their operations to more targets exponentially faster.
Ransoms in Monero
Duarte said that most ransoms are migrating from Bitcoin (BTC) to other cryptocurrencies such as Monero (XMR). “Sodinokibi used Bitcoin until 2019, this year they started accepting only Monero (XMR) for ransom payments and stolen data auctions,” he said.
“Monero seems to be the main choice for most of the new attacks, as it’s considerably harder to track than Bitcoin. We might expect to see governments and others turn an eye toward improving their tracking of this currency, as they have with Bitcoin, as these attacks on critical infrastructure companies grow.”
Recently, REvil stole over 800 GB of data from ADIF, the Spanish state-owned railway infrastructure manager, after a successful attack on its systems.