The ransomware attack would have aimed at 3,100 Media Markt servers. Operations in stores in the Netherlands, Belgium, Germany, and some in Spain got affected by the criminal act.
A group of hackers had launched a ransomware (data hijacking) attack against a multinational chain of stores with high participation in Europe called Media Markt. The crime arrived along with the most relevant commercial season of the year on the horizon.
According to the information revealed on the case, the hackers are currently demanding at least USD 50 million (about 756.5 BTC) from the company to release the stolen data.
Media Markt, of German origin, is the largest electronics retailer in Europe as it counts on more than 1,000 stores in 13 countries and some 40 years of activity. Reports also indicate that the attack, which began this Monday, November 8, is still active. Hackers would have taken control of some 3,100 company servers and encrypted the data to prevent access to it.
The action generated the failure of IT systems and the interruption of operations in the Netherlands, Belgium, and Germany. In Spain, many stores got also affected and now are unable to process online transactions.
On the other hand, they had to limit themselves to selling only products that appear physically in each store. The company sent emails to the entire staff requesting that they not use the network, reboot every single system, and disconnect the cash registers from the network.
Hackers Requested USD 240 Million
It turned out that the hackers initially demanded a sum in bitcoin equivalent to USD 240 million, but after negotiations with the company, the amount got raised to USD 50 million.
The BleepingComputer portal highlighted that it managed to confirm that the Hive Ransomware operation would be the sole responsible for the attack. According to the report, it is an operation that got launched in June of this year, and that violates the IT security of organizations using phishing campaigns with malware.
The BleepingComputer also noted that Operation Hive attacks often include theft of unencrypted files, which hackers use to blackmail those affected by threatening to leak the stolen data.
Media Markt did not specify whether the attack included this kind of theft. Media Markt did highlight that it reported it to the legal authorities and is working hard to identify the affected systems and fix the damage caused as soon as possible.
Regarding these types of attacks, the US Government recently announced that they would pay a million-dollar reward to people bringing information about hackers involved in ransomware.
The initiative started by offering USD 10 million for the identity and instant location of the leaders of the DarkSide group. This group is the one that attacked the Colonial Pipeline, a fuel distribution center for aircraft and vehicles on the southeast coast of the United States of America.
By: Jenson Nuñez
