Saturday August 20, DESFA, the largest supplier of natural gas in Greece, said that it had suffered a cyber attack that affected the availability of some of its systems. Hacker group Ragnar Locker has claimed responsibility for attacking ransomware. they added that they claim to have published more than 350 GB of data stolen from desfa. They wrote a report detailing the attack threat analysis report Cybereason security researchers says: “Ragnar Locker, and usually it has been used since at least December 2019, targeting English-speaking users ransom software. The ransomware program Ragnar Locker has entered the field of view of the FBI since the gang attacked more than fifty organizations in ten key infrastructure sectors. The Council assumes that the first thing Ragnar Locker does after infecting the system is to check the computer’s locale. If the device detects a match with certain countries, including Ukraine, Russia and Belarus, the malware cannot be launched and the process is completed. The report reads: “Ragnar Locker avoids execution from other countries because the group is based in the Commonwealth of Independent States (CIS).” If a match is not found, the ransomware begins to receive information about the infected machine and tries to identify the available file volumes on the host. When the identification phase is completed, Ragnar Locker will start encrypting the files and show the ransom note to the victims.
Back to list
- Posted by Anastasia