The Italian energy company Enel Group, which is represented in 40 countries and is engaged in the production and distribution of electricity and gas, was hacked for the second time in a year.
The first incident took place this summer. Then Enel Group became a victim of the Snake ransomware (aka EKANS), but the company's specialists noticed the attack before the malware could spread and cause serious damage.
Now the publication Bleeping computer, with reference to an unnamed information security specialist, reports that last week Enel Group became a victim of the Netwalker ransomware: the journalists had at their disposal an extortionate note from hackers.
The text contains the address http: // prnt (.) Sc /, which showed the data stolen by the attackers as a result of the attack. From the names of the employees in the folders, it was possible to establish that the attack was directed at the Enel Group.
A week ago, the publication tried to contact representatives of the company, but did not receive any response from Enel Group. But a few days ago, the Netwalker operators themselves indirectly confirmed that they had really attacked the company, as a message appeared in the hackers' chat: “Hello, Enel. Don't be afraid to write to us. "
Usually, if the company does not contact the blackmailers, after a while the ransom amount doubles, and the hackers begin to "leak" the victim's data. This seems to be exactly what happened in the case of the Enel Group. The fact is that the attackers are already threatening to publish the data and are posting screenshots with the stolen information on their website, and the ransom amount is $ 14,000,000 (1234.02380000 BTC).
According to information from Netwalker operators, they stole about 5 terabytes of data from Enel Group and are ready to disclose some of these files within a week. They also insist that they will “study every single file for interesting things” and publish it all on their website.