Malaysian Media Giant Enterprise Email Hacked Attackers Demand 1,000 BTC
According to the Edge Financial Daily, Bursa Malaysia listed media giant, Media Prima Bhd, has been a victim of a ransomware attack on Thursday, November 8, 2018.
According to the source, the malicious software affected Media Prima’s in-house emails, preventing the company to use them until they agree to pay 1,000 Bitcoin (BTC), currently worth $5.6 million to attackers.
Direct company sources said that they refused to comment on the situation while other sources stated that the company had not paid the ransom and had switched email providers.
Media Prima initially keeps quiet about ransom
When asked for information about the alleged attack, the media enterprise refused to confirm or deny the asserts, answering that they are not prepared to answer any questions regarding the incident.
However, another supposedly well-informed internal source confirmed the attack by saying that their office email did get affected, but the company moved to G Suite. The same source declared that attackers demanded Bitcoins, but Media Prima doesn’t have the intention to pay the requested amount.
Until the time of press, it remained unknown if authorities have been officially informed.
Increasing number of ransomware attacks
Ransomware attacks are usually directed at some data storage, which gets controlled by attackers through new encryption implemented into the system. Hackers than demand a certain amount of ransom money to hand the control over data back to a rightful owner.
Until the rise of cryptocurrencies, ransomware attackers had traceability problems, since the flow of fiat money can be easily tracked.
However, some cryptocurrencies, such as Monero (XMR), Dash (DASH), Zcash (ZEC) or Verge (XVG), offer total anonymity to their users, which make ransomware attacks “more secure” for attackers.
Bitcoin transactions were found to be more transparent than transactions happening on blockchains of currencies mentioned above, so it is somewhat dubious that attackers on Media Prima decided to demand ransom in BTC.
Since the attack has remained unconfirmed, it is not known which software was used, but it has been reported that similar attacks, conducted through the SamSam malware, have generated more than $6 million in Bitcoin for their conductors in last three years.
One of the biggest ransomware attacks to date was the one which targeted the Port of San Diego.
Although the company didn’t want to disclose the amount attackers asked as a ransom, the fact that the US Federal Bureau of Investigation (FBI) was investigating the matter tells enough.
SamSam is the biggest menace
The cybersecurity firm Sophos is one of the most prominent companies dealing with ransomware attacks.
They state that, by using SamSam, attackers single out one victim at a time instead of trying to spread the malware through emails or phishing sites. After breaching the JBOSS systems, they copy their ransomware into the network, taking the control of the system in the process.
A negative use case of cryptocurrencies
This, like many more similar incidents, show that cryptocurrencies, besides all the positives they bring, have a dark side attached.
Privacy-oriented cryptocurrencies have been raising eyebrows of government officials for quite some time and looking at this example, it is understandable why that is the case.
Anonymity and privacy are good things until they become utilized by dishonest people for malicious actions. The use of cryptocurrencies paired with ransomware software enhanced the ability of hackers to remain undetected during these attacks, making it harder for the authorities to conduct fruitful investigations.
Yet, history has taught us that every good thing can be used for malicious goals.
This is not investment advice. Cryptocurrencies are highly volatile assets and are very risky investments. Do your own research and/or consult an investment professional before investing. Never invest more than you can afford to lose. Never borrow money to invest in cryptocurrencies.