Ransomware actors are getting greedier, and another proof for that statement is the latest ransom demanded by the Netwalker group. The most recent high profile attack carried out by Netwalker ransomware is against Equinix, where clients’ data was encrypted.
NetWalker Ransomware Hackers Demand $4.5 Million
According to a ransom note shared with BC security researchers, a ransom in the amount of $4.5 million has been asked. Most of the encrypted data belongs to Equinix’s Australian customers, and it contains folders of financial information, payroll, accounting audits, and data center reports. Attackers also making threats to double the ransom sum to $9 million and make the affected customer data public, if their demands are not satisfied.
According to the official statement, Equinix’s data centers and their service offerings, including managed services, remain fully operational, as the incident has not affected their ability to support their customers. “Note that as most customers operate their own equipment within Equinix data centers, this incident has had no impact on their operations or the data on their equipment at Equinix,” the company added.
According to security researcher Vitali Kremez, Equinix owns at least 74 remote desktop servers and associated login credentials are currently being auctioned in underground forums on the dark web.
Surprisingly or not, the ransomware demand has continued to grow in 2020. Coveware data reveals that the average payout has increased in the first quarter of 2020, reaching the staggering $111,605, with Ryuk and Sodinokibi being the main culprits for this increase. Get introduced to more ransomware statistics in our article dedicated to the growth of ransomware in 2020.
More about Netwalker ransomware
NetWalker ransomware is most likely a variant of the Mailto Ransomware family. The .mailto file extension along with an email address is attached as the extension to all of your files, making them inaccessible. All encrypted files have the new extension appended as a secondary one. The NetWalker ransomware drops a ransom note, which gives instructions to victims on how they can allegedly restore their data by paying a ransom fee. These instructions typically vary from version to version, and from target to target.
If you have been attacked, learn how to remove NetWalker ransomware.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me: