Hive ransomware infected MediaMarkt and its operators demand $ 240 million

The ransomware Hive infected MediaMarkt, a largest in Europe German electronics and household appliances store chain. Initially, the hackers demanded a huge ransom of $ 240 million, and the attack resulted in IT systems shutdown and disruption to stores in the Netherlands and Germany.

The attack took place from Sunday to Monday, and during the incident, the company’s servers and workstations were encrypted, which led to the shutdown of IT systems (in an attempt to prevent the further spread of malware).

Bleeping Computer reports that the attack affected retail stores across Europe, but the Netherlands was hit hardest.

While online sales still work, offline stores cannot accept credit cards or print receipts. In addition, it is not possible to issue a refund because you cannot view previous purchases.the journalists of Bleeping Computer say.

Screenshots of the company’s internal negotiations posted on Twitter show that 3,100 servers were affected by the attack, but this information has not yet been officially confirmed.

Bleeping Computer claims the ransomware Hive is behind the incident, and its operators first demanded a huge $ 240 million ransom from the company. However, it is reported that this amount was soon reduced.

Representatives of MediaMarkt have already confirmed the fact of the hack, but there are no details of the incident yet. The company says it has notified law enforcement about the incident and is currently working to restore systems and investigate the incident.

Hive ransomware has been active since June 2021. Its operators hack organizations through phishing campaigns that employ malware.

Typically, hackers seek to gain administrator rights on a Windows domain controller and then deploy ransomware across the entire network to encrypt all of the affected company’s devices. At the same time, attackers seek to find and delete any backups so that the victim does not use them to restore data.

Unlike many other ransomware that does not attack medical facilities, nursing homes, government offices, and other critical facilities, Hive operators do not care who they attack. For example, this summer, a ransomware attacked Memorial Health System, a non-profit medical organization (a small network of three hospitals, outpatient clinics and outpatient clinics in Ohio and West Virginia). During the attack, patient data was stolen and staff were forced to use pen and paper instead of computer systems.

Let me remind you that I also talked about the fact that Chaos ransomware attacks Minecraft players.

Helga Smith

I was always interested in computer sciences, especially data security and the theme, which is called nowadays "data science", since my early teens. Before coming into the Virus Removal team as Editor-in-chief, I worked as a cybersecurity expert in several companies, including one of Amazon's contractors. Another experience: I have got is teaching in Arden and Reading universities.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button