• About
  • Advertise
  • Careers
  • Contact
Monday, February 6, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Security Malware

Spain’s largest radio station Cadena SER and IT service provider Everis suffered ransomware attacks which crippled its service.

by Cyber360 News
November 11, 2019
in Malware
0
Spain’s largest radio station Cadena SER and IT service provider Everis suffered ransomware attacks which crippled its service.
0
SHARES
5
VIEWS
Share on FacebookShare on Twitter

Spain’s largest radio station Cadena SER and IT service provider Everis suffered ransomware attacks which crippled its service.

While the protests in Catalonia may be or may not be a bad thing depending on who you ask, everyone in Spain would agree that what happened today is nothing short of unpleasant. Earlier this week, two of Spain’s largest companies were compromised by ransomware.

The first one which is Everis happens to be the country’s largest managed service provider and the second one – Cadena SER – the largest radio station in Spain.

See: Hackers infect Canon DSLR camera with ransomware

In initial news, it has been reported that Everis prompted employees to shut down their PCs after discovering they were under attack. A reason why the company did not initially publicly disclose the incident may be because of one of the requirements of the attackers asking them not to make any such move.

On the other hand, a note found on their system asked them to find out the payable amount by emailing them at s[email protected] or [email protected] with Everis – the company name – as the email subject.

Spain's biggest two go down in massive ransomware attacks

According to reports, hackers have demanded €750,000 equivalent to $835,923 as a ransom to send the decryption key. As for how the company was infected in the first place, a cybersecurity consultant took to Twitter elaborating on the process.

Note: Translation of these tweets have been done using Google Translate.

Veo esta info online:
The threat phases are:
1. An everis user access to a compromised website where the source code was modified to show a fake browser update and download a file.

— Arnau Estebanell Castellví (@ArnauEstebanell) November 6, 2019

Detailing further, he goes on to state,

1. The file is a JavaScript code (JS) that infects the device with a C2C malware categorized as “EMOTET.” This JavaScript creates additional exe files.

2. Once the attackers control the infected device, install a PowerShell post exploitation framework called Empire1. With Empire Framework in the infected device, the attacker enumerates the network and gets credentials from the infected device cache. With this, different Empire installations are seen in different hosts and servers.

4. Attackers distribute a ransomware family called “BitPaymer/IEncrypt” to Everis devices through compromised hosts and servers

On the other hand, the Cadana SER radio station was infected with unidentified ransomware forcing them to take all of their computers offline while continuing operations with the help provided by its headquarters in Madrid.

The attack was also confirmed by multiple national institutions including Spain’s Department of Homeland Security(DSN) and the Spanish National Cybersecurity Institute (INCIBE) with the latter currently helping them recover their data and get back online.

However, a disappointing aspect was found with how Spanish authorities tried to downplay the incident, particularly the DSN who went on to state that:

“This type of attack occurs quite frequently. In 2016, the National Cybersecurity Institute handled some 2,100 similar incidents.”

To conclude, companies have been increasingly targeted with ransomware over the past few years despite which some firms neglect cybersecurity throwing not only themselves but also the data of their customers into jeopardy. This can be of course be attributed to attackers coming up with better ways but at the same time, the emergence of cryptocurrencies and other anonymous payment methods has also eased ransom taking popularising this method.

See: How to Prevent Growing Issue of Encryption Based Malware (Ransomware)

To protect themselves, companies with substantial financial sources that would make up the majority of medium and large enterprises should hire dedicated cybersecurity teams. Sure, it will be a drain on their finances in the short term but if seen in the long run, it can help avert PR crises which far outweigh any other financial implications the firm may have in spending money for security.

Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.

Cyber360 News

Cyber360 News

Next Post
Fireye catches APT41 spying for the Chinese on Linux servers.

Fireye catches APT41 spying for the Chinese on Linux servers.

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In