The Spanish security multinational Prosegur has been affected by Ryuk ransomware, the famous Trojan virus that encrypts files on a compromised device and usually requires a Bitcoin payment to decrypt them.
As a result of the attack, the company, which would employ 170,000 people worldwide, closed its computer network and its employees were sent home.
The company, which is considered one of the world’s largest providers of armored vehicles for the transportation of money, said on Twitter that it had taken “maximum security measures” to avoid spreading the ransomware to both internally and externally.
Statement on a computer security incident pic.twitter.com/5AkBvq1OwY
– Prosegur (@Prosegur) November 27, 2019
Kevin Beaumont, a cybersecurity researcher, said on Twitter that these measures had an impact on clients.
The Prosegur incident goes back a little over a day. Customers and resellers turn to Twitter, noting that the alarms are not working and that resellers are reporting that they are receiving abusive calls from their customers. A whole ecosystem of security and cash handling services is in operation. pic.twitter.com/dGtfMRr3Y4
– Kevin Beaumont (@GossiTheDog) November 28, 2019
However, the Prosegur website was operational at the time of publication.
This ransomware chain has been wreaking havoc for months.
It targets several state governments and municipalities, as well as hospitals. Earlier this month, Hard Fork explained how 110 American retirement homes were also victims of this disaster.
While it is generally advisable for victims not to pay the ransom requested, figures released earlier this year suggest that Ryuk had collected more than 705 BTCs in just five months, for an approximate value of $ 3.7 million. at the time.
In fact, Ryuk is held responsible for the 90% increase in cryptocurrency payments.
As always, it is better to protect than to heal. Do everything you can to protect your network.
Posted on November 29, 2019 – 13:24 UTC