Two significant NetWalker ransomware attacks have surfaced in the past week. After Argentina’s official immigration agency was hit by an attack demanding $4 million in Bitcoin, a recent report revealed that Pakistan’s largest power producer was compromised. The perpetrators demand up to $7.7 million in BTC.
$7.7M In BTC Demanded From Pakistan Power Producer
The cybersecurity website Bleeping Computer reported earlier that K-Electric, the sole electricity provider for Karachi, Pakistan, has suffered a ransomware attack. K-Electric supplies power to over 2.5 million citizens, but the hack has not affected those services. Instead, the perpetrators targeted the online billing platform, and users could not use the website.
Bleeping Computer noted that it had seen a payment page provided by the attackers to K-Electric. The page was reportedly reachable through the anonymous Tor browser and stated that the initial demand is $3,850,000, or 382.8179 bitcoins.
However, if the payment is not transferred before September 15, the demand will double to $7.7 million (or 765.6358 BTC).
Further down the page, the perpetrators wrote that they had stolen unencrypted files from KE before executing the attack, without disclosing the nature of the files.
Discovered in August 2019, the NetWalker ransomware was initially dubbed Mailto, based on the extension appended to the encrypted files. It compromises the victim’s network and encrypts all Windows devices connected to it.
Upon gaining access to the servers, the perpetrators leave a note demanding a ransom. In recent months, the attackers have requested that the funds be transferred primarily in bitcoin.
According to McAfee, John McAfee’s former cybersecurity company, NetWalker ransomware attacks have generated over $25 million since March this year.
Argentina’s Immigration Agency Hit As Well
A few days prior to the KE incident, Direccion Nacional de Migraciones – Argentina’s immigration agency – suffered a NetWalker ransomware attack as well. A local cybercrime agency published a criminal complaint asserting that the hack had temporarily halted border crossings into and out of the country.
The perpetrators’ procedure was similar. They provided a Tor payment page initially demanding $2 million in Bitcoin. However, as the victims failed to cover the ransom, it doubled after seven days to $4 million (about 355 BTC).
The hackers also threatened to release sensitive information stolen from the agency if the $4 million is not paid.
Another similar attack occurred this summer and involved the University of California in San Francisco. As CryptoPotato reported, the attackers negotiated for over a week with a negotiator representing the university and ultimately took 116 BTC.