The ransomware Hive infected MediaMarkt, a largest in Europe German electronics and household appliances store chain. Initially, the hackers demanded a huge ransom of $ 240 million, and the attack resulted in IT systems shutdown and disruption to stores in the Netherlands and Germany.
The attack took place from Sunday to Monday, and during the incident, the company’s servers and workstations were encrypted, which led to the shutdown of IT systems (in an attempt to prevent the further spread of malware).
Bleeping Computer reports that the attack affected retail stores across Europe, but the Netherlands was hit hardest.
Screenshots of the company’s internal negotiations posted on Twitter show that 3,100 servers were affected by the attack, but this information has not yet been officially confirmed.
Bleeping Computer claims the ransomware Hive is behind the incident, and its operators first demanded a huge $ 240 million ransom from the company. However, it is reported that this amount was soon reduced.
Representatives of MediaMarkt have already confirmed the fact of the hack, but there are no details of the incident yet. The company says it has notified law enforcement about the incident and is currently working to restore systems and investigate the incident.
Hive ransomware has been active since June 2021. Its operators hack organizations through phishing campaigns that employ malware.
Typically, hackers seek to gain administrator rights on a Windows domain controller and then deploy ransomware across the entire network to encrypt all of the affected company’s devices. At the same time, attackers seek to find and delete any backups so that the victim does not use them to restore data.
Let me remind you that I also talked about the fact that Chaos ransomware attacks Minecraft players.