Energy giant EDP hit with RagnarLocker ransomware

Attackers demand a $10.9m ransom or they’ll leak the company’s sensitive files

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The Portugese multinational energy giant Energias de Portugal (EDP) is the latest company to fall victim to the RagnarLocker ransomware and the attackers are now asking for a $10.9m ransom to unlock its files.

According toBleepingComputerandMalwareHunterTeam, the attackers claim to have stolen over 10TB of sensitive company files which they are threatening to leak if their ransom demands are not met.

In a post on Ragnarok’s leak site, the attackers explained that it is up to EDP whether the company’s files remain confidential or are made public, saying:

“We had downloaded more than 10TB of private information from EDP group servers. Below just a couple of files and screenshots from your network only as a proof of possession! At this moment current post is a temporary, but it could become a permanent page and also we will publish this Leak in Huge and famous journals and blogs, also we will notify all your clients, partners and competitors. So it’s depend on you make it confidential or public !”

RagnarLocker ransomware

MalwareHunterTeam discovered the RagnarLockerransomware samplewhich was used by the cybercriminals who attacked EDP whileBleepingComputerfound the ransom note andTorpayment page where the attackers provide further details on the decryption process and the amount of the ransom.

The attackers left theirransom noteon EDP’s encrypted systems where they were able to steal confidential information on many of the energy giant’s business dealings including its billing, contracts, transactions, clients and partners.

The RagnarLocker ransomware was first discovered at the end of last year when it was seen being used in attacks against compromised networks. The cybercriminals behind it often target software used bymanaged service providersto prevent their attacks from being detected and blocked.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

As of now, it is still unclear as to whether or not EDP will pay the large ransom demanded by the attackers but the company was offered a special price if it reaches out within two days of having its systems encrypted. If EDP fails to pay the ransom, the cybercriminals could deliver on their promise to publicly release the 10TB of sensitive data they obtained in the attack.

ViaBleepingComputer

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

Scammers are using fake copyright infringement claims to hack businesses

HPE reveals critical security bug affecting networking access points

From Dishonored to Mafia: Definitive Edition, some of my favorite games are free right now for Amazon Prime members