Portuguese Multinational Energy Giant ‘Energias de Portugal‘ (EDP) are under ransomware attack and cyber-criminals are demanding 1580 BTC ransom ($10.9M or €9.9M).
EDP Group is one of the largest European operators in the energy sector (gas and electricity) and the world’s 4th largest producer of wind energy. The company is present in 19 countries and on 4 continents, it has over 11.500 employees and delivers energy to more than 11 million customers.
According to bleepingcomputer, cyber-criminals claimed that they have stolen over 10 TB of sensitive company files and they are now threatening the company to leak all the stolen data unless the ransom is paid.
“We had downloaded more than 10TB of private information from EDP group servers,” a new post on Ragnarok’s leak site says.
“Below just a couple of files and screenshots from your network only as a proof of possession! At this moment current post is a temporary, but it could become a permanent page and also we will publish this Leak in Huge and famous journals and blogs, also we will notify all your clients, partners and competitors. So it’s depend on you make it confidential or public !”
The Ragnar Locker ransomware sample used in this attack was found by MalwareHunterTeam and BleepingComputer was able to also find the ransom note and the Tor payment page where the attackers detail the decryption process and the ransom amount.
According to the ransom note dropped on the EDP encrypted systems, the attackers were able to steal confidential information on billing, contracts, transactions, clients, and partners.
“And be assure that if you wouldn’t pay, all files and documents would be publicated for everyones view and also we would notify all your clients and partners about this leakage with direct links,” the ransom note reads.
“So if you want to avoid such harm for your reputation, better pay the amount that we asking for.”
