BlackCat hits Carinthia: ransom of 5 million

Security Malware and Virus Antivirus The Austrian state of Corinthia was hit by the BlackCat ransomware that knocked out at least 3,000 workstations, blocking several services.

Conti is undoubtedly the most unknown ransomware, but its "brothers" are just as dangerous. One of them is BlackCat, which appeared on the scene at the end of 2021 and managed by the gang born from the disappearance of DarkSide and BlackMatter. The authorities of the Austrian state of Carinthia have confirmed that they have suspended the provision of services following the ransomware attack suffered on May 24. BlackCat blocks computers in Carinthia Among the group's recent campaigns are those against Moncler and Swissport. According to the FBI report, BlackCat affected at least 60 organizations worldwide between November 2021 and March 2022. The choice of targets is obviously made taking into account their financial availability and therefore based on the probability of receiving the payment of high ransoms. The attack carried out last Tuesday knocked out at least 3,000 workstations of the Corinthian administration. This caused the interruption of various services, including the issuance of new passports and fines for violation of the highway code. Some computers have been restored, but the status site and email service are still offline. A state spokesman said the cybercriminals demanded a ransom of $5 million in Bitcoin, threatening to disclose the stolen data. However, the press officer denied the theft of information. The state will not pay any ransom because all data will be restored from backups. Creating copies of data is always recommended, but it would be better to prevent such attacks that cause indirect costs, such as the inability to provide services to citizens. Yet it would be enough to educate employees to avoid falling into the trap of cybercriminals or install a security solution that detects and blocks these kinds of threats. This article contains affiliate links: purchases or orders placed through such links will allow our site to receive a commission. Source: Bleeping Computer