Few industries escape the financial gluttony of hackers.
New player on the "market" of ransomware operators, the Spook group claims a cyberattack carried out, successfully according to them, against Paris Society, a Parisian high-end catering company.
Ransomware or "ransomware" in English refers to malicious software that encrypts, renders completely unreadable, the data of a computer, a server or a network of a company or a local authority.
But before confusing everything, the cybercriminals took care to empty the files to carry out a double extortion.
If the company does not pay the claimed amount in cryptocurrency to recover its data, then the kidnappers threaten to disclose the stolen information.
Contacted this Wednesday afternoon, Paris Society assures that it has not received a ransom demand.
A preview of the loot released
The hackers published a sample of the data stolen in the attack on their blog on the Darknet on Tuesday evening in order to put pressure on the victim to pay the ransom.
The four documents consist of two Excel file-type tables, a screenshot of files in Windows and a screenshot of a contract in PDF format.
"These are old files of a few Gigabytes which were stored on a server that has been used more for months", we say at Paris Society which "will not pay in all cases".
"The company decides", indicates the grim status of the negotiations between Laurent de Gourcuff's group and the operators of Spook, a "ransomware" designed by brains but rented to small hands. Because if it has recently been rife with this malicious software, it is well known to cybersecurity specialists. “This is a name change for the Prometheus ransomware, which was very active this summer but for which a decryption tool was produced,” explains Xavier Duros, technical director of Check Point Softwares, an American specialist in cybersecurity.
“They changed the ransomware algorithm to make it undetectable again and they quickly resumed operations at the end of September,” adds the expert.
"They are the symbol of the industrialization of attacks because they even go so far as to offer an after-sales service to their victims to properly decipher their data".
"They seem to particularly appreciate the French targets," warns Brett Callow, threat analyst at Emsisoft, a company specializing in the fight against ransomware.
Other victims such as a chartered accountant from Hauts-de-Seine have recently appeared on the table of victims of this cybercrime.
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/H6SX4JB4HJIOMBO3FUP6IGGLUI.jpg)
