Ransomware actors are getting greedier, and another proof for that statement is the latest ransom demanded by the Netwalker group. The most recent high profile attack carried out by Netwalker ransomware is against Equinix, where clients’ data was encrypted.
NetWalker Ransomware Hackers Demand $4.5 Million
According to a ransom note shared with BC security researchers, a ransom in the amount of $4.5 million has been asked. Most of the encrypted data belongs to Equinix’s Australian customers, and it contains folders of financial information, payroll, accounting audits, and data center reports. Attackers also making threats to double the ransom sum to $9 million and make the affected customer data public, if their demands are not satisfied.
According to the official statement, Equinix’s data centers and their service offerings, including managed services, remain fully operational, as the incident has not affected their ability to support their customers. “Note that as most customers operate their own equipment within Equinix data centers, this incident has had no impact on their operations or the data on their equipment at Equinix,” the company added.
According to security researcher Vitali Kremez, Equinix owns at least 74 remote desktop servers and associated login credentials are currently being auctioned in underground forums on the dark web.
Surprisingly or not, the ransomware demand has continued to grow in 2020. Coveware data reveals that the average payout has increased in the first quarter of 2020, reaching the staggering $111,605, with Ryuk and Sodinokibi being the main culprits for this increase. Get introduced to more ransomware statistics in our article dedicated to the growth of ransomware in 2020.
More about Netwalker ransomware
NetWalker ransomware is most likely a variant of the Mailto Ransomware family. The .mailto file extension along with an email address is attached as the extension to all of your files, making them inaccessible. All encrypted files have the new extension appended as a secondary one. The NetWalker ransomware drops a ransom note, which gives instructions to victims on how they can allegedly restore their data by paying a ransom fee. These instructions typically vary from version to version, and from target to target.
If you have been attacked, learn how to remove NetWalker ransomware.