Ransomware Takes Out the Mardi Gras City
The good news is that the city’s computer systems are still functional, and New Orleans is still alive and kicking. This can be attributed to fast action from city officials, who noticed a wide array of phishing attempts occurring last Friday. They quickly saw this as a sign that bigger things were about to come and shut down all devices and computers that had potentially been affected, while the remaining computer networks are still up and running.
Thus, factors such as police, emergency vehicles and the city’s fire department all remain functional outside the “city’s internet network,” while building inspections are all being performed manually for the time being.
The ransomware utilized in this case was Ryuk, a popular form of malware amongst hackers that encrypts computer systems and demands bitcoin funds. Ryuk has spread across the world like an epidemic over the past few months, affecting everything from governments to schools to hospitals without warning.
In addition, the malware encompasses a “special” ability that inherently destroys the encrypted files of anyone who pays the desired bitcoin ransoms.
In any case, ransomware is becoming a serious problem, not just in how fast it spreads or the damage it causes, but in how the hackers employing it are behaving towards their victims. A new report suggests that one ransomware group has created a website listing and humiliating all the companies that have refused to pay their crypto ransoms in the past, instead vying to rebuild their networks from scratch.
Under normal circumstances, not giving into terrorist activity and rebuilding one’s systems would be considered a brave and hearty move, though the hackers aren’t likely to take kindly to such a step, and this case is no exception.
While the hacking group remains unnamed at the time of writing, they are widely credited with developing the Maze ransomware, which was ultimately responsible for the Pensacola attack – an incident that saw nearly $1 million in bitcoin units being requested by the malicious actors.
If You Don’t Pay, We’ll Humiliate You
The group now is utilizing the website it’s created to humiliate and attack the companies that haven’t given in. In broken English, a section of the website reads:
Represented here companies don’t wish to cooperate with us and trying to hide our successful attack on their resources. Wait for their databases and private papers here. Follow the news!
Among the bits of information listed about these companies on the site include their IP addresses, the dates in which they were attacked and even stolen PDF files. The site also lists the names of several of the companies’ infected servers.